Mapping

This is one of the most significant tabs of this module. There are two features include in the tab:

  1. Attribute Mapping: This feature can be used to map user attributes coming from LDAP Server with Drupal's user details.
    It provides the feature to map attribute like Email Attribute. While auto registering the users in your Drupal site, these attributes will automatically get mapped to your Drupal user details.

  2. Role Mapping: This feature can be used to map different Drupal roles to different users based on their LDAP/AD Server roles/groups. This feature also allows managing single sign-on ( SSO ) for users based on their roles/groups.

Attribute Mapping

Attributes are the user details that are stored in your LDAP Server. Attribute Mapping allows you to retrieve user attributes from your LDAP server and map them to Drupal user attributes.

  • This feature allows you to map user attributes from LDAP Server to Drupal user details.

  • It provides the feature to map attributes like Email Attribute. While auto registering the users in your Drupal site, these attributes will automatically get mapped to your Drupal user details.

  • You can see Email are must. While auto registering the users in your Drupal site, these attributes will automatically get mapped to your Drupal user details.

Enter Email Attribute that you are map form here

  • Users can also perform the Custom Attribute Mapping. Click on Add custom Attributes (+) plus button to perform more than one mapping.

  • It's provides an additional feature to Add Custom Attributes, which allows to users can Add extra LDAP server attributes that they want to be included in their user profile.

you can enter email attribute in this textfield that retrieve from your LDAP/AD server

  • Suppose, if you want to add attributes like distinguishedname, samaccountname, userprincipalname, objectcategory etc., you will be simply have to add attributes and map them from LDAP Server.

  • You can see the attributes you received from the LDAP/AD Server in the image below.

scroll down and click on get your attribute button to show your attribute that received from ldap server

  • If you want to map these attributes in your Drupal site, simply go to Add Custom Attributes and add those attributes by providing the attribute names from the LDAP Server and giving your names by which you want to store those attributes.

go to the add custom attribute and add those attribute by providing the attribute name from the ldap server

Custom Attribute Mapping

  • If you want to retrieve extra attribute from your Drupal site, you must first create field in Drupal. Please refer these steps below:

How to create Attribute field in Drupal

  • Navigate to the Configuration tab.

  • Under People section, select Account Setting.

  • Click on the Manage fields Tab.

  • Select + Add Field button.

  • Add a new field: In this dropdown select the field type and enter the field name in the textbox and click on the Save Configuration button to save your textfield.

  • Under Field Setting tab: The following steps are given below:

    • Maximum length: You can define the text length in this field.

    • Allowed number of values: In this field allow number of value

      • Limited: Define a number from here.

      • Unlimited

  • After, click on the Save field Setting button to see next step.

  • Under Edit tab scroll down and click on Save Settings.

Instruction:

  • Navigate to the People tab.

  • Under Operation tab, click on the Edit button.

  • You are be able to see your LDAP attribute that you mapped in the user profile.

to see your custom attribute in the drupal site

Role Mapping

  • Role Mapping has created to assign roles to users based on their LDAP attributes. The specific role will be assigned to users once they meet the specified conditions when logging into Drupal via authentication.

  • This feature allows you to map numerous different Drupal roles to different users based authentication on their LDAP Server roles/groups.

  • This feature helps you to provide user capabilities based on their LDAP Server attribute values.

  • Click on the Enable Role Mapping checkbox and you can select default group for the user.

  • Drupal have given two pre-defined roles:

    • Authenticated user

    • Administrator

enable role mapping and select default group role for user

  • Since, you have added any custom roles, they will displayed in the role mapping section as well. To use this feature you have to map a Group/Role coming from your LDAP Server in the Group/Role field.

  • You must provide the Attribute Name into the LDAP Group Name area and select Drupal Role textfield and fill in corresponding LDAP Server Role reflecting different values regarding that have separated Group/Role value for Authenticated user and Administrator.

  • Click on Save Configuration button.

enter ldap gruop name and ldap server attribute value

  • If you enable this option, your previous position will not be removed and you will be assigned to a new opportunity for the same user.

    • For example, If the role of the developer is assigned to user A, the user can perform code manipulations, but if a new role position is assigned to User A, let us take Author. An author can read write and create new articles. Still, the existing role of the developer is intact with user A.

  • Click on the Save Configuration button.

assign new role for the existing user

Custom Role Mapping

  • If you want to create custom roles in the Drupal, following these steps are given below.

How to create Roles in Drupal

  • Navigate to the People tab in the top menu bar.

  • Under People tab click on the Roles tab.

  • Click on the + Add role button.

  • In the Role Name textfield, Enter role name then click on Save.

    Note: If you have create role in Drupal, they are automatically added in your Select default group for the users dropdown list.

Instruction:

  • Navigate to the People Tab.

  • Now, you can see the assign roles from the user show in image below.

go to the people tab and you can the assign role from the user