Skip to main content

LDAP Settings

The LDAP Settings screen is the grouping table behind the Users by applications view. Each row associates an AD department with an application and a free-form group label.

The same configuration drives the Excel export — one file per department, with one sheet per application inside, plus a sheet listing all LDAP entries. It is the deliverable auditors usually request to confirm "who is in which AD department, on which application, with which roles".

At a glance

Nomasx-1 · Security · LDAP · SettingsExport ExcelAPP IDAPPLICATION NAMEGROUPAD DEPARTMENT12JDE ProductionFINANCEFIN-AP12JDE ProductionFINANCEFIN-AR12JDE ProductionSUPPLYSC-OPS21SAP ProductionHRHR-PAYROLL12 rows · export builds one .xlsx per department · one sheet per application inside

Goal of the view

Two complementary purposes:

  • Group AD departments. The Group column is a human label that rolls several AD departments into one functional bucket (FINANCE covers FIN-AP, FIN-AR, FIN-CONTROL, …). It controls how the Users by applications view groups its rows.
  • Drive the Excel export. From the Users by applications view, an export button generates one Excel file per department, one sheet per application inside each file, and a sheet listing all LDAP entries as appendix. The mapping rows here are what the export iterates over.

Columns

ColumnSourceWhat it tells you
Application IDAPPS_ID — application identifier from the source system.The application the row attaches the department to.
Application NameAPPS_NAME — name from SETTINGS_APPLICATIONS.Friendly label of the application.
GroupLDAPD_GROUP — free text.Human label rolling several AD departments together. Used as a sort / breakdown axis on the Users by applications grid.
AD DepartmentLDAP_DEPARTMENT — must match the department attribute of an LDAP entry.The AD department to include in the export for the application.

The grid is read-only here. Rows are maintained through the configuration table SECURITY_LDAP_DPT; the screen surfaces what is configured.

Tips & best practices

  • One row per (Application × Department) pair — duplicate rows are not needed. If a department covers several applications, add one row per application.
  • Keep the Group labels stable — changing them changes the breakdown of the export and complicates the comparison with the previous quarter's deliverable.
  • A department not listed here is not exported — even if AD users with that department exist in the LDAP Users screen, they will not appear on the per-department Excel file. Add a row when a new department starts producing access requests.
  • The "all LDAP entries" sheet in the exported file is the unfiltered raw catalog — useful for the audit appendix and as a cross-check when a row seems missing from one of the per-application sheets.