Versions Compared

Version Old Version 3 New Version 4
Changes made by

Yellowfin Admin

Yellowfin Admin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Anchor
top
top

Table of Contents
classcontents

Overview

Yellowfin can be connected to an LDAP source for user authentication and group management purposes. This allows Yellowfin access to be controlled externally and organisation-wide simply and quickly. Users can use their existing intranet password for Yellowfin authentication, and reports can be given access restrictions which include or exclude users in specific LDAP groups.

...

For Yellowfin to provision users automatically it has to assign a role to them. This role is defined as a Yellowfin 'Default' Role. In the Roles ロール page, define one Role as the Default.

  1. Navigate to Administration > General > Role Management
  2. Select the Role you wish to make Default
  3. Tick the Default Role box and Save

Note: if no role is set as default the users will not be provisioned correctly into Yellowfin and the process will fail.

...

To provision users from the LDAP directory and to use LDAP Authentication the required attributes must be defined on the Configuration システム設定 page. The attributes required by Yellowfin include:

...

Once defined, Yellowfin will automatically provision users as they attempt to login to Yellowfin for the first time.

Note: if the users in LDAP exceed the number of licences purchased, any new users will not be provisioned into the system.

...

This is an example taken from the Configuration システム設定 page of Yellowfin

The configuration above will:

  • Connect to LDAP host 192.168.4.241 on port 389
  • Users will be searched from cn=Users,dc=i4,dc=local
  • Users will be allowed access to Yellowfin if they are a member of cn=Yellowfin Users,cn=Users,dc=i4,dc=local
  • The user search is conducted with user cn=Administrator,cn=Users,dc=i4,dc=local bound to the LDAP server with password password
  • Users will use employeeID as their login ID and Yellowfin will load their given name, surname, and email from the LDAP directory attributes givenName, LastName, and userPrincipalName respectively

Note: if a user is not found in the LDAP directory, it will look for the username as a standard Yellowfin user.

...

  1. Open the Add LDAP Group drop down
  2. A list of LDAP groups will be displayed. Select the group to be used to create members for the Yellowfin Group
  3. Click Add to add the LDAP Group members into the Yellowfin Group