Use LDAP Synchronization Tool

Before you use LDAP Synchronization Tool for the first time, ensure that you create a backup copy of the destination OneSpan Authentication Server data store. The following topics describe how to use LDAP Synchronization Tool and include simple recommendations for proper use.

Validate enabled profiles

To validate all the profiles that have been defined and enabled, click Validate enabled profiles. This will validate:

• Connections to the source LDAP data store and the destination OneSpan Authentication Server data store.

• That all the required profile information is present.

• That a logon attempt to OneSpan Authentication Server using the supplied criteria is successful.

• The organizational unit structure on the destination OneSpan Authentication Server data store. If it does not match the required structure according to the synchronization rules, an error will be reported.

Test run

To verify that the outcome of a synchronization is what you expect, perform a test run. This is best done before scheduling a synchronization.

To perform a test run, select the profile to be tested in the Profiles window and click Test run. Doing so will initiate a process that attempts a synchronization without actually performing any updates. This process provides information regarding the success or failure of the synchronization specified.

Note the following:

• If an organizational unit needs to be created, it will be held in memory to enable the searches to be performed for updating users and user attributes.

• If users have to be created and updated in the same test run, it will appear that those users have been created a number of times in the results.

Unsupported characters for the User ID and User Name fields are automatically replaced with the underscore character '_' (see Table:  Mapping data types).