When a user logs in to Build Forge for the first time using LDAP
credentials, the user is authenticated and set up within Build Forge
as follows.
Important: If you intend to use group mapping, enable
LDAP group mapping
before users log in.
If group mapping
is disabled, users log in, and you later enable group mapping, the
mapping is not performed on the existing users. If you enable LDAP
group mapping after users have logged in, delete the users from the
Build Forge Users list and have them log on again. The users'
membership to Build Forge access groups is then based on the LDAP
group mapping, rather than any manual changes you have made.
- The user sees a Domain field on the login
panel. If more than one domain is configured, the field is a pull-down
list. The user selects the domain and logs in.
Note: If you configure
more than one domain, individual unique user IDs must be unique across
domains. The system allows only one login per unique user. If one
user logs in and then another user logs in using the same unique user
ID, the first user session is closed. See
Accessing and using the console for more information about
user sessions.
- Build Forge checks for the account on the LDAP server. You can
configure Build Forge to use a normal user or an administrative user
to perform the check.
- If the user name is found, Build Forge then attempts to log in
to LDAP using the credentials the user supplied at the Build Forge
login panel (or from a login from a program using an API client).
- If the credentials do not match or the user name is not found,
the login fails.
- If the credentials match, login proceeds.
- If the user has not logged on before, Build Forge automatically
creates a user in its user list. A user who logs in through LDAP has
the User Name, Password, Login, Confirm,
and Email fields disabled, because that information
is provided by LDAP.
Note: The system assigns LDAP users to the root
user's time zone on first login because it does not get time zone
information from LDAP. You can manually set the time zone afterward.
- Build Forge applies access groups to the user.