5 Using an LDAP directory

MyID uses an LDAP directory as the primary data source for user records. When you select a user, MyID performs an LDAP search against the configured directory. A copy of the data found is cached in the internal MyID database, but the latest data from the directory is used in preference to any cached data.

Settings that determine how MyID and an LDAP directory interact are found on the LDAP page in the Operation Settings workflow (in the Configuration category). You can choose to update the information stored in MyID from an LDAP directory, and to update information in the directory based on details entered into MyID.

When a user's details have been imported from a directory, the data held in MyID and the LDAP directory are synchronized in the following ways:

• User data is synchronized using the Edit Person workflow.
• Information is automatically synchronized when a record is selected.

Processes within MyID may be triggered by changes to directory information. For example, certificates may be revoked when an account is disabled.

Note: This chapter assumes that you understand the concepts of an LDAP directory and have access to the documentation provided with the directory you are using.