Password Safe and Repository

Update to version 6.3

Update to version 6.3

Previous topic Next topic  

Update to version 6.3

Previous topic Next topic  

From version 6.3 on not only the multi domain capability has been implemented, also the complete LDAP connection has been improved, what brings forth that at the update some points have to be considered. Therefore we suggest to refer to this instruction at the update to version 6.3.

 

Backup

First of all create a backup of your database in order to have a valid backup if there are any problems.

 

LDAP configuration

Make sure that server as well as client are up-to-date and that the necessary patchlevel update of the database has been carried out. Afterwards log on the database with administrator rights and open the user and group management. With a click on the arrow next to the button to the Active Directory import a context menu opens in which you open the window for the Active Directory configuration via Active Directory settings.

 

LDAP_Update_Open_Settings

 

If you should have used the native connection so far give away a name for the connection in the Active Directory configuration under profile name. This can for example be the name of the Active Directory or also the name of the server. Underneath you enter a user and his/her password who is authorized for the Active Directory. (optional / not necessary according to LDAP configuration). Under domain you enter the name of the domain. Please enter the domain here including its TLD (in this example .test). Please mind case sensitivity here. If you have used the LDAP connection so far the necessary settings are already made. If the connection could be tested successfully, please save the settings.

 

LDAP_Update_check_connection

 

 

Checking the domain

According to the configuration of the Active Directory it can happen in some cases that the domain has not been taken over properly. Therefore check if the domain which is listed behind the Active Directory users and groups confirms with the domain from the configuration. In this example the TLD .test has not been taken over. Furthermore the domain is completely written in capital letters, which could cause problems and therefore should be changed.

 

LDAP_Update_wrong_Domain

 

Attention!

Only change the domain after you have checked it carefully. If necessary refer to the domain administrator in order not to make any wrong statements here.

 

Changing the domain

If the domain has to be adapted, mark all accordant elements first. Via a click with your right mouse button afterwards you can then select the option set LDAP domain.

 

LDAP_Update_Change_Domain

 

Then select the correct domain in the following window and confirm with OK.

 

LDAP_Update_define_Domain

 

Afterwards you can see the change of the domain.

 

LDAP_Update_Domain_ok

 

Notice:

Do not forget to check and if necessary change the domain also at the groups!

 

Attention!

If the domain which is assigned to the users and groups does not conform to the domain from the configuration the concerned elements will be set again at the next synchronization and then exist twice. In this case you necessarily need to delete the new elements, because otherwise you will lose the rights of the users. After the deletion of the elements adapt the domain and import again.

 

Deleted users and groups have to be reproduced via a backup, because at another import the accordant rights get lost.

 

 

Read out Active Directory and synchronize

With a click on Active Directory import now the Active Directory outlook opens. When opening the first time no elements are marked here. As soon as you open the tree structure you can see which elements are marked for import.

 

LDAP_Update_Tree

 

In this outlook different markings can occur which are described under import/readout users and groups.

 

Notice:

Before the version 6.3 there was no recursive group synchronization in Password Safe. Therefore all groups are excluded from the synchronization after the update. If you want to synchronize the groups in the future as well you can set the accordant markings. Consider that all users that exist in the Active Directory in the group are therefore imported. If more users should be imported than licenses exist they will be automatically deactivated.

 

Via a concluding click on OK now all accordingly marked elements are imported or synchronized. The LDAP connection is now completely configrued.