Frequently Asked Question

To provision users from the LDAP directory and to use LDAP authentication specify the LDAP attributes in the Yellowfin Administration > configuration section.




The attributes required by Yellowfin include:

LDAP Host
LDAP server hostname or IP address

LDAP Port
TCP/IP port that the LDAP server is listening on

LDAP Base Distinguishing Name
Base DN under which all Yellowfin users and groups are connected.

LDAP Yellowfin User Group
LDAP Group Name of which all users that are allowed to login are members of.
This group exists in the LDAP directory. It is not a Group created within the Yellowfin application.
If this is not entered, all users found can use Yellowfin.

LDAP Binding User
This is a LDAP User that the Yellowfin application uses to connect to the LDAP directory for search access

LDAP Binding User Password
The LDAP Password required for the Yellowfin application to connect to the LDAP

LDAP Search Attribute
This is unique ?user name? field that LDAP users will use as their Login into Yellowfin.
This is an LDAP parameter such as Email address or Employee Number.

First Name Attribute Name
This maps to the first name attribute of the user within the LDAP directory.
This is so Yellowfin can match the user to a name and create an internal user account

Surname Attribute Name
This maps to the surname attribute of the user within the LDAP directory.
This is so Yellowfin can match the user to a name and create an internal user account.

Email Attribute
This maps to the email address attribute of the user within

Name
The LDAP directory. This is so Yellowfin cna match the user to an email address for broadcast reports.

LDAP Role Attribute - More Info -
You can specify the name of a YF role so that this user/group is automatically given this role.

Example:




The configuration above will connect to a LDAP host 192.168.4.179 on port 389 .
Users will be searched from DC=vm-win2k-dc, DC=Office, DC=yf.
All users found will be allowed to access to Yellowfin as no group has been specified. You CAN specify a group so only members of the group can use Yellowfin e.g. cn=Yellowfin Users,cn=Users,dc=i4,dc=local

The user search is conducted with user CN=Administrator, DC=vm-win2k-dc, DC=Office, DC=yf[b] , so only users/groups this account has access to will be used in Yellowfin.
Users will use sAMAccountName as there login ID and Yellowfin will load their given name, surname and email from the LDAP directory attributes sAMAccountName, sn, UserPrincipalName, profilepath respectively.
If a user is not found in the LDAP directory, it will look for the username as a standard Yellowfin user.

Related Posts:
LDAP authentication Guide
Creating LDAP Users
Creating LDAP Groups
Defining the Default Role


If you are recieving errors, or having issues setting this up, please email
support@yellowfin.bi