Lightweight Directory Access Protocol (LDAP) provides for a single sign in where one user name and password for a user is shared between many services. It authenticates user names and passwords using your LDAP Directory rather than your Web Community Manager website. If your LDAP administrator changes the password for a user within your LDAP Directory, that user’s password is automatically updated in your Web Community Manager website.
LDAP can automatically create user accounts in your Web Community Manager website for any users entered in your LDAP Directory. When users first sign in to an LDAP enabled Web Community Manager website with a user name and password combination that the website does not recognize, LDAP allows the website to attempt to authenticate with user credentials in your LDAP Directory. If that authentication is successful, your Web Community Manager website creates a user account for the user, allowing that user access to the site as a registered user.
LDAP allows you to create cross references between groups that you have created in your Web Community Manager website and groups that exist in your LDAP Directory. Users assigned to groups in your LDAP Directory are assigned to the cross referenced Web Community Manager groups each time the LDAP authenticated users sign in to Web Community Manager. LDAP authenticated users are added or removed from Web Community Manager groups as determined by the LDAP to Web Community Manager group cross references.
Blackboard must turn on the configuration options for LDAP on your Site Manager. Talk to your Blackboard contact, if you don't have LDAP and want it.
- Prepare your LDAP Server for LDAP connectivity.
- Add LDAP domains to Web Community Manager.
- Create cross references in Web Community Manager.
- Create a passport with the extended privilege Allow users to sign in using LDAP.
- Create categories.
- Create groups.
- Map LDAP group to Web Community Manager group cross references
- Create a non-LDAP Site Director user account with a passport having all extended privileges except Allow users to sign in using LDAP.