Create Workflow for Users/LDAP Login

Hello Guys,

I am not very experienced with this Topic so maybe someone can help.
I tried to create a Workflow for the Users logging in via LDAP Authentication.
Attributes are fine (Department,telephone, street etc) and fetched @Login.
Is there a possiblity to put them in different SuiteCRM Groups and delegate created Roles to them by just queering there Department?
Maybe like this:

User “XYZ” | Department:IT
gets Role:IT
gets group EDV

Thank you anyway

B.T.

You need to copy the modules/Users/authentication/LDAPAuthenticate/ directory to custom/modules/Users/authentication/LDAPAuthenticate.

Edit custom/modules/Users/authentication/LDAPAuthenticate/LDAPConfigs/default.php file which maps the LDAP fields to the files in the user module. This is done by editing the “key” => “value” array.

For example

'users'=>
		array(
			'fields'=>
						array(
//...
							"department" => 'department', // map the ldap department to the department field
//...
						)
		),

Create a workflow.

• • Set the module to users.
• • Add a condition that checks to see it the department equals your desired value.
• • Add an action. Set Action to modify record Set the record type to “Security Groups…”. Then click add relationship. Select the first drop down to “users”, the next drop down to "field " and the last drop down to “id”.

That should do what you need.

Hi, your post has been extremely helpful, thank you!

I do however have an issue with keeping the LDAP Attributes refreshed in SuiteCRM.

If you login as a new user, all of the desired attributes are correctly mapped to the SuiteCRM fields

If you log in as an existing LDAP user, the Attributes are not updated. This makes Administration more difficult.

Any ideas to force a refresh of LDAP Attributes on login for all users ?

Thanks
Chris