The following property groups are available for user directory connectors of the type ApacheDS.
All fields are mandatory and must not be empty.
|Name||The name of the UDC configuration, defined from the QMC.|
The UDC type.
User sync settings
|Sync user data for existing users||
Note: The user attributes are only synced when a user logs in to the hub. Even if you delete the user in the QMC, the active session is still valid for the user that has been deleted. If the hub is only refreshed, the user is added to the database, but without any attributes.
User directory name
Must be unique, otherwise the connector will not be configured. The name of the
Note: Not entered manually for Active Directory.
The URI used to connect to the directory server. To support SSL, specify the protocol as LDAPS instead.
Note: Custom ports are not supported.
|User name||The optional user ID used to connect to the directory server. If this is empty, the user running the Qlik Sense repository is used to log on to the directory server.||-|
|Password||The optional password for the user.||-|
The Advanced property group contains the advanced LDAP connector properties in the Qlik Sense system.
|Additional LDAP filter||Used as the LDAP query to retrieve the users in the directory.||-|
|Synchronization timeout (seconds)||The timeout for reading data from the data source.||240|
|Page size of search||
Determines the number of posts retrieved when reading data from the data source. When the specified number of posts have been found, search is stopped and the results are returned. When search is restarted, it continues where it left off.
Tip: If the user synchronization is unsuccessful, try setting the value to '0' (zero), which is equal to not doing a paged search.
2000 (For ApacheDS: 1000)
|Use optimized query||
This property allows Qlik Sense to optimize the query for directories containing many groups in proportion to the number of users retrieved.
Warning: To be able to use the optimization, the directory must be set up so that the groups refer to the users. If the directory is not set up correctly, the optimized query will not find all groups connected to the users.
This property is only visible for Generic LDAP and Active directory search, (Active Directory always uses optimization).
Optional. Authentication type to connect to LDAP.
The values can be comma separated.
Values: Secure, Encryption, SecureSocketsLayer, ReadonlyServer, FastBind, Signing, Sealing, Delegation, ServerBind.
Note: To support "LDAP Channel Binding and LDAP Signing in Active Directory and Generic LDAP UDCs", use the following Authentication type values: Secure,Signing.
|FastBind or Anonymous, based on the credentials settings.|
Directory entry attributes
The Directory entry attributes property group contains the directory entry attributes for the LDAP connector.
|The attribute name that identifies the type of directory entry (only users and groups are used by the ApacheDS
The attribute value of the directory entry that identifies a user.
|Group identification||The attribute value of the directory entry that identifies a group.||groupOfNames|
|Account name||The unique user name (within the
|The attribute name that holds the emails of a directory entry (user).|
|Display name||The full name of either a user or a group directory entry.||cn|
The attribute name that indicates direct groups that a directory entry is a member of. Indirect group membership is resolved during the user synchronization.
This setting or the one below, Members of directory entry, is allowed to be empty, which means that the group membership is resolved using only one of the two settings.
|Members of directory entry||
The attribute name that holds a reference to the direct members of this directory entry.
See also the Group membership setting, above.
Tip: If no tags are available, this property group is empty.
Connected tags are displayed under the text box.