This section contains important information about using Host On-Demand with LDAP. You should read and understand this section before using LDAP.
LDAP enables you to manage Host On-Demand configuration information by arranging those users into a hierarchical tree of groups. A group can have one of more subgroups as children and each subgroup inherits all of the sessions defined by the parent group. A user can be an immediate member of any one group and inherits sessions from all the groups in its inheritance tree. This means that you can define sessions in a high-level group for a large number of users and subgroups and then customize them in lower-level groups for smaller numbers of users. It also means that no user can belong to more than one group.
Will migrating to LDAP change my present group structure and user configurations?
Yes. Because your Host On-Demand private data store is not arranged hierarchically, migrating your configuration information to an LDAP directory changes the relationship between your users and groups. Specifically, all groups and their sessions become children of the root group of the LDAP directory and all users become members of one of the groups they were members of before migration (refer to the migration log for details). Also, because of this change, users that are members of multiple groups will lose configuration information as a result of migration.
What happens if I choose not to migrate my configuration information?
None of the users, groups, and sessions that are defined in the private data store will be accessible from the logon window or the administration window. If it does not already exist, Host On-Demand will create a single administrator User ID named "admin" with a password of "password."
What happens to the configuration information in the private data store when I migrate?
It is preserved and is not modified by the migration process. However, it does not reflect the latest updates either. When you use an LDAP directory, changes to configuration information will only be updated in that LDAP directory.
Once I have migrated and started using LDAP, how do I switch back to using the Host On-Demand private data store?
Clear the Use Directory Service (LDAP) box on the Directory tab, and click Apply. This will disable use of the LDAP directory and Host On-Demand will begin retrieving user and group information from the private data store.
Is there anyway to migrate my configuration back to the Host On-Demand private data store?
No, migrating from an LDAP directory to the Host On-Demand private data store is not supported.
Related topics: