Initializing help system before first use

LDAP Configuration Page

By default Xpress Insight is not configured to authenticate against LDAP. Through the LDAP configuration page of the administration web interface, the integration between Xpress Insight and LDAP can be enabled and configured. This page can be accessed by selecting the LDAP tab and then clicking Edit.

Edit LDAP Configurations

The following table describes each of the fields on this page and its operation. On installation of Xpress Insight some of these fields will be defaulted to a typical value for AD configuration.

Note If LDAP enabled state is changed within Xpress Insight a restart of the Xpress Insight Server is not required. User authentication is performed based on the current value of the LDAP enabled field.
Edit LDAP Configuration fields
Field Mandatory Description
Enabled Controls whether LDAP is enabled or not.
Local accounts enabled Controls whether accounts marked as local can access Xpress Insight. See Local User Accounts for more details on this.
Note If this field is unchecked all user account that are marked as local accounts will not be able to log into the system.
Server URL Yes The URL of the LDAP server, including For example:
  • ldap://myldapserver
  • ldaps://myldapserver:636
Base suffix Yes

Base suffix from which all operations should origin

AD Example: DC=corp,DC=mycorp,DC=com

LDAP Example: dc=sample,dc=com

LDAP System user Yes

The user account to use to access the LDAP server.

AD Example: CN=myServiceAccount,OU=Windows Service Accounts,OU=Accounts,DC=corp,DC=mycorp,DC=com

LDAP System password Yes

The LDAP system user password.

Search Base DN No

Base DN where the search should begin

AD Example: ou=User Accounts, ou=Accounts

LDAP Example: ou=Users

User DN Pattern Yes

User DN pattern.

LDAP example: LDAPUserDnPattern=uid={0},ou=Users

AD example: (sAMAccountName={0})

Username attribute Yes

This maps the Xpress Insight username to the corresponding LDAP attribute within the user record.

LDAP example: uid

AD example: sAMAccountName

First name attribute Yes

This maps the Xpress Insight first name to the corresponding LDAP attribute within the user record.

LDAP example: cn

AD example: givenName

Last name attribute Yes

This maps the Xpress Insight last name to the corresponding LDAP attribute within the user record.

LDAP example: sn

AD example: sn

Email attribute Yes

This maps the Xpress Insight email address to the corresponding LDAP attribute within the user record.

LDAP example: mail

AD example: mail

Note If LDAP is enabled, Tableau is configured with Xpress Insight and has been set so that Xpress Insight manages the user accounts in Tableau, it is assumed that Tableau has been configured to also use Active Directory.
Parent Topic Authenticating Users with Active Directory or LDAP

© 2001-2019 Fair Isaac Corporation. All rights reserved. This documentation is the property of Fair Isaac Corporation (“FICO”). Receipt or possession of this documentation does not convey rights to disclose, reproduce, make derivative works, use, or allow others to use it except solely for internal evaluation purposes to determine whether to purchase a license to the software described in this documentation, or as otherwise set forth in a written software license agreement between you and FICO (or a FICO affiliate). Use of this documentation and the software described in it must conform strictly to the foregoing permitted uses, and no other use is permitted.