Documentation for Crowd 2.4. Documentation for other versions of Crowd is available too.
Remote Crowd directories allow Crowd to Crowd connections. In other words, one Crowd server can obtain users and groups from another Crowd server.
Two things need to be done in order to configure the local Crowd server to obtain users and groups from a remote Crowd server:
- The local Crowd server needs to be given access to the remote Crowd server. This is achieved by adding a new application on the remote Crowd server.
- The new Remote Crowd directory needs to be added to the local Crowd server with details on how to connect to the remote Crowd server.
In our local testing, we found that it took about 4 minutes to sync to external Crowd with 10 000 users, 1 000 groups, and 200 000 memberships.
Roles are not supported in Remote Crowd Directories.
To configure a Remote Crowd directory,
- Log in to the Crowd Administration Console in the remote Crowd server.
- Add a new application which will be the local Crowd server. The application name and password entered here will be used later by the local Crowd server to connect to the remote Crowd server.
- Log in to the Crowd Administration Console in the local Crowd server.
- Click the 'Directories' tab in the top navigation bar.
- This will display the Directory Browser. Click 'Add Directory' in the left-hand menu.
- Click the 'Remote Crowd' button.
- The 'Details' tab will appear. See screenshot 1 below. Enter the 'Name' and 'Description' (see table of fields below).
- We recommend that you leave 'Cache Enabled' at its default setting (enabled). Remote Crowd directory caching works the same way as it does for LDAP directories. For more information, see Configuring Caching for an LDAP Directory.
- Click the 'Connection' tab. See screenshot 2 below.
- Fill in the basic connection information for your remote Crowd server.
- Click the 'Test Connection' button to verify that Crowd can successfully connect to the directory.
- Click the 'Permissions' tab to configure the directory's permissions.
Configuring Directory Details
Screenshot 1: Directory details
属性 |
説明 |
|---|---|
名前 |
The name used to identify the directory within Crowd. This is useful when there are multiple directories configured, e.g. 'Chicago Employees' or 'Web Customers'. |
説明 |
Details about this specific directory. |
アクティブ |
Only deselect this if you wish to prevent all users within the directory from accessing all mapped applications. If a directory is not marked as 'Active', it is inactive. Inactive directories are:
|
Cache Enabled |
We recommend that you turn on caching. Remote Crowd directory caching works the same way as it does for LDAP directories. For more information, see Configuring Caching for an LDAP Directory. |
Use Nested Groups |
Enable or disable support for nested groups on the Remote Crowd directory. |
Configuring Connection Details
Screenshot 2: Connection details
属性 |
説明 |
|---|---|
URL |
The connection URL to use when connecting to the directory server. The URL should be in the following format: http://domainname:port/crowd. |
アプリケーション名 |
Application name used to authenticate to the remote Crowd server. |
アプリケーション パスワード |
Application password used to authenticate to the remote Crowd server. |
コネクション タイムアウト |
The time, in seconds, to wait for a connection to be established. If there is no connection within the specified time period, the connection attempt will be aborted. A value of 0 (zero) means there is no limit. |
Max Connections |
The maximum number of simultaneous connections to remote Crowd server. |
Proxy Host |
HTTP proxy server domain name. This field is required if the remote Crowd server is behind a HTTP proxy. |
Proxy Port |
HTTP proxy server port number. This field is required if the remote Crowd server is behind a HTTP proxy. |
Proxy Username |
HTTP proxy server username. This field is required if the HTTP proxy server requires authentication. |
Proxy Password |
HTTP proxy server password. This field is required if the HTTP proxy server requires authentication. |
Polling Interval |
Crowd will synchronise with the remote Crowd server every x minutes, where 'x' is the number specified here. Remote Crowd directory caching works the same way as it does for LDAP directories, for which there is more information in Configuring Caching for an LDAP Directory. |
次のステップ
Specify the directory permissions, which allow you to restrict the way in which applications can use the directories. See Specifying Directory Permissions.
Once you have configured the directory's permissions, you have finished configuring your new directory. You can then map the directory to the appropriate applications.
関連トピック
- Using the Directory Browser
- ディレクトリの追加
- Configuring an Internal Directory
- LDAP ディレクトリ コネクタの設定
- Configuring a Remote Crowd Directory
- Configuring a Custom Directory Connector
- Configuring a Delegated Authentication Directory
- Configuring Caching for an LDAP Directory
- Using Naive DN Matching
- Specifying Directory Permissions
- ユーザーとグループをディレクトリにインポートする
概要
コンテンツ ツール
アプリ
Log a request with our support team.
Raise an issue for our developers.
See answers from the community.
Blog and update our documentation.
Except where otherwise noted, content in this space is licensed under a Creative Commons Attribution 2.5 Australia License.