Part 2: Sync Setup
Sync Setup with OpenText Core
This step assumes that you have set up the Enterprise Directory Sync Software and are logged in.
Additionally, if you have not done so already, you should have an LDAP group named “OpenText Core Users” created that contains all users to be synced with OpenText Core.
You will need a virtual machine inside your organization’s firewall that has access to your Active Directory as well as outbound access to the Internet. System Requirements: The virtual machine will require two (2) virtual CPUs and 4 GB memory and be running Windows 2008 Server (or greater) or Linux. Tomcat should be configured with -XX:MaxPermSize=2048MB
You will need to have Tomcat 7 (or greater) installed and configured prior to setting up OpenText Directory Services software.
You will need to create an Active Directory Security Group called “OpenText Core Users”. This group needs to contain all your employees who will be using OpenText Core Single Sign On. We recommend that during the initial setup, you place only one account in the group to test and verify your setup. After you have verified that the user has been synced and can login through the Enterprise Login you may add your employee base.
1. Login to OpenText Core as an Administrator of your Tenant, navigate to SSO and click "Setup Sync".
2. Enter a complex Password.
Note: You will require this password to configure the Enterprise Directory Synchronization Software.
After you click "Save", you will be shown configuration on the right-hand side of your screen required to configure the Enterprise Directory Synchronization Software later.
3. Download and Install the Enterprise Directory Synchronization Installation Software.
Additional Installation Documentation is provided to supplement this article.
4. Once OpenText Directory Services has been downloaded and installed, log in to: http://<serverhostname:port>/otds-edirsync-admin/#loginpage
Login with the credentials you specified during the install process.
5. Enter the configuration settings provided on the OpenText Core Admin page and click "Test Settings".
6. Click "Add New Sync Profile"
7. Enter your LDAP server Host Name or Address and Port, then set "Encryption Method" to "None".
8. Enter an LDAP Service Account User Name and the account password, then click "Test Authentication".
You will require a user service account within your Active Directory/LDAP in order to query your directory services. It is recommended that the service account be configured with a password that will not expire.
9. Enter "Core Sync" as the "Profile Name".
10. On the "Group Locations" screen, check "Import users from matched groups", then "Add Location". Locate the LDAP group "OpenText Core Users" containing the users you want to sync with OpenText Core and enter it.
11. On the User Mappings Screen, change or set the values as shown in this post.
12. On the "Scheduler Screen", change the "Directory Service Sync Time" to a random time of your choosing (such as "0800"), then click "Enable" to set the sync schedule.
Once the Active Directory sync has been completed, all users will need to use their network credentials for your organization via the "Enterprise Log In" at https://core.opentext.com to access OpenText Core.
Please ensure that your users are aware of this when you have successfully set up SSO as any existing credentials (simple email and user password) for OpenText Core will no longer work.