Ulteo Open Virtual Desktop

Accounts Integration

Copyright © 2009 Ulteo SAS - http://www.ulteo.com

Table of Contents

Internal accounts
LDAP integration
Active Directory integration

In order to simplify the installations steps, the default configuration of the Session Manager provides a static user list. It is also possible to manage static users from the interface or to define users from an external directory database.

For now, LDAP and Active Directory are supported.

With the internal system, it is possible to create, remove and customize users.

This configuration is available in the Administration console at Configuration -> Profiles Settings.

The Profile setting is made of the following parts:

[Note]Note

Use usergroups from a remote database is an option. By default, usergroups are managed by the internal system.

Internal accounts

The internal accounts managment is set by default.

This module provides two options:

  • Static list: This is the default option. It's using a static hardcoded user list. You cannot customize users. Those users don't any password.

  • Dynamic list: if you select this options, you will be able to create your own users from the Users page.

[Note]Note

The Dynamic list is the only User module that lets you create, delete or modify users. Other modules have a read only mode on the database.

LDAP integration

Here is a classic LDAP configuration. You have to give the LDAP host and suffix, and the branch where users are stored.

An administrator account is needed to be able to list the directory if your LDAP does not allow anonymous bind.

User groups

There are two ways to manage LDAP user groups:

  • Member of: find user groups with the MemberOf field of users attributes

  • Posix group: group information is retrieved by listing a node which provides the list of user groups. In order to match users and user groups, the memberuid field is used.

Home directory

It's possible to configure your integration to define CIFS directories for your users so they can use them as their home directory.

To configure the CIFS homedir, the first step is to give the name of the LDAP field that contains this information.

Then you have to select the authentication method. In most cases, the user login/password is the correct one.

Active Directory integration

The AD module derives from the LDAP one but allows an easier configuration.

[Note]Note

If you want to specify a sub Organization Unit (OU), you have to get the path separated by a coma.

For instance: Developers,web,ajax.

User groups

The AD user groups integration is using the LDAP MemberOf field.

Home Directory

At the moment, CIFS provides an asynchronous mode using the roaming profile. It will be improved in the next version by redirecting directories