Mappings between LDAP and Talend Administration Center: Best Practices - 8.0

Version
8.0
Language
English (United States)
Product
Talend Big Data
Talend Big Data Platform
Talend Data Fabric
Talend Data Integration
Talend Data Management Platform
Talend Data Services Platform
Talend ESB
Talend MDM Platform
Talend Real-Time Big Data Platform
Module
Talend Administration Center
Content
Administration and Monitoring

Mappings between LDAP and Talend Administration Center

This article applies to users of Talend Administration Center (TAC) who want to implement LDAP mappings for Git credentials.

When implementing LDAP with Talend Administration Center, the best practice is always to define mappings for any field you wish to synchronize.

For sensitive information such as Git credentials, which you may not want to store unencrypted in your LDAP, you can set up the appropriate ACL or use the Talend API to encrypt it.

It is not possible to input credentials directly in the "User settings" page when LDAP enabled. The best practice to manage Git credentials is also detailed below.

Description

You should not enable users to set information in Talend Administration Center manually because:

  • When a user input his/her credentials from the "User Settings" page and saved, this information was not written back to the LDAP.
  • Then, when an administrator edited the roles for this user from the "Users" page and saved, any information that this user had manually input in the "User Settings" (such as Git credentials), was written back into the LDAP as null.

The next time this user tried to access a remote project in Talend Studio, an error message was displayed.

Resolution

When LDAP is enabled in Talend Administration Center, users can no longer change Git credentials in the "User Settings" page.

If you choose not to map the password field between your LDAP and the Talend Administration Center database, you can input your Git credentials on connecting to a remote Git.

This behavior means you do not need to map this particular field but can still benefit from the synchronization between LDAP and Talend Administration Center for all other information.