Restrict LDAP to specific site

Forums de discussion

Bharamani P Tashildar, modifié il y a 6 années.

Restrict LDAP to specific site

Junior Member Publications: 48 Date d'inscription: 27/08/14 Publications récentes

Hi All,

How to restrict LDAP(Microsoft Active Directory) user store to the specific site?

Connecting two LDAP(Microsoft Active Directory) to Liferay DXP. Ex- 'LDAP A' and 'LDAP B'
Created two sites. Ex-'Site A' and 'Site B'

So need to restrict 'LDAP A' to 'Site A' and 'LDAP B' to 'Site B'

How to achieve this?

Please provide inputs .............

Thanks
Bharamani T

Christoph Rabel, modifié il y a 6 années.

RE: Restrict LDAP to specific site

Liferay Legend Publications: 1554 Date d'inscription: 24/09/09 Publications récentes

If you need to completely separate the two usergroups you need to create Portal Instances. Then everything, users, content and configuration is separated.

Otherwise, in the same instance, all users are added to the same "global" store and you can't restrict that. But you can divide them by membership. But you could create a site A and a site B and make the users from ldap A members of site A and do the same with site B and ldap B.

How you would do that depends on your setup. A possible way would be to create a group "AllSiteAUsers" in Active Directory A, import it and add the group AllSiteAUsers to Site A. Same with Group B.

Jack Bakker, modifié il y a 6 années.

RE: Restrict LDAP to specific site

Liferay Master Publications: 978 Date d'inscription: 03/01/10 Publications récentes

To add to what Chrisoph wrote, you could additionally set the group import filter for ldap A to be different from ldap B, but that alone doesn't handle the association of an imported usergroup with a site - something which is done in Liferay itself.