Skip to main content
Version: 2.2.3

Configuring SoftExpert Identity via XML file

As mentioned in step 2 of the Configuration for synchronization without direct access to the directory service - SoftExpert Identity section, it is possible to set up the application by directly changing the XML file that stores the settings. However, it is always recommended that the configuration be set through the graphical interface, since, this way, the data entered will be validated, and connection tests will be performed.

It is important to highlight that direct changes to the XML file must be made by a professional with prior XML (Extensible Markup Language) knowledge. The configuration file is located at "conf/se-identity.xml", next to the SoftExpert Identity executable (se-identity.jar).

Below is a description of each of the fields contained in the XML:

Connection to Microsoft AD:

  • url: URL to access Microsoft AD using the LDAP protocol. For example:
<url>ldap://softexpert.local:389</url>
  • userLdap: Name (displayName, not login) of the user with permission to query data in Microsoft AD.
  • passwordLdap: Password of the user with permission to query data in Microsoft AD.
  • loginUserLdap: User login for authentication to the LDAP server.

General data:

  • enable: When registering the domain in SoftExpert Suite, set the status to "Enable".
  • released: When registering the domain in SoftExpert Suite, set the status to "Released".
  • ssoPort: Domain address port. fgSyncLanguage: Defines the language of the synchronized user (0 - English, 1 - Portuguese, 2 - Spanish).

Domain identification:

  • domain: Domain name.
  • domainIdentifier: Domain ID #.

User selection:

  • importDN: Path in the directory structure where users are located.
  • userAuthorizationPattern: Filter to select users who will be integrated with SoftExpert Suite.
  • defaultSynchronyzerFilter: ID # that will be used as a key in the first integration with existing users in the SoftExpert Suite database.
  • onLoginImport: If enabled, it imports the user into SoftExpert Suite as soon as they authenticate themself to the system (requires direct access from SoftExpert Suite to the directory service via LDAP).

Group selection:

  • importGroupDN: Path in the directory structure where groups are located.
  • groupAuthorizationPattern: Filter to select the groups that will be integrated with SoftExpert Suite.

Team selection:

  • importTeamDN: Path in the directory structure where teams are located.
  • teamAuthorizationPattern: Filter to select the teams that will be integrated with SoftExpert Suite.

User data:

  • nmSyncFieldNmDomainUID: User record field in Microsoft AD that will be used as a unique identifier in the SoftExpert Suite user record.
  • nmSyncFieldIdLogin: User record field in Microsoft AD that will be used as login in the SoftExpert Suite user record.
  • nmSyncFieldIdUser: User record field in Microsoft AD that will be used as ID in the SoftExpert Suite user record.
  • nmSyncFieldNmUser: User record field in Microsoft AD that will be used as name in the SoftExpert Suite user record.
  • nmSyncFieldDsUserEmail: User record field in Microsoft AD that will be used as e-mail in the SoftExpert Suite user record.
  • fgSyncNotice: Indicates whether the user will receive notifications on training, improvements, and system news.

Leader synchronization:

  • fgSyncLeader: Enables/disables leader synchronization.
  • distinguishedName: Leader identifying attribute. Default: 'distinguishedName' or 'entryDN' for OpenLDAP.
  • customManager: Relationship attribute. Default: 'manager'.
  • fgDontSyncLeaderCircleRef: Does not synchronize leaders of users with circular reference.
  • fgIgnoreLeaderNotFound: Ignores errors of leader not found.

Position data:

  • fgSyncPos: Indicates whether user position synchronization is active in SoftExpert Suite.
  • nmSyncFieldIdPosition: User record field in Microsoft AD that will be used as ID # in the SoftExpert Suite position record.
  • nmSyncFieldNmPosition: User record field in Microsoft AD that will be used as name in the SoftExpert Suite position record.
  • fgSyncPosEnabled: Indicates whether the user will be created as enabled or disabled in SoftExpert Suite.
  • fgSyncDept: Indicates whether user department synchronization is active in SoftExpert Suite.
  • nmSyncFieldNmDepartment: User record field in Microsoft AD that will be used as ID # in the SoftExpert Suite department record.
  • nmSyncFieldIdDepartment: User record field in Microsoft AD that will be used as name in the SoftExpert Suite department record.
  • fgSyncDeptEnabled: Indicates whether the department will be registered as enabled or disabled in SoftExpert Suite.

Default access group:

  • idDefaultAccessGroup: Access group code. If set, this will be the default access group for user synchronization.

Access group data:

  • fgSyncAccessGroup: Indicates whether the synchronization of a user's access group is active in SoftExpert Suite.
  • nmSyncFieldIdAccessGroup: User record field in Microsoft AD that will be considered as ID # for creating the link between the user and their respective access group in SoftExpert Suite.

Team details:

  • fgSyncTeam: Indicates whether the synchronization of a user's team is active in SoftExpert Suite.
  • nmSyncFieldIdTeam: User record field in Microsoft AD that will be used as ID # in the SoftExpert Suite team record.
  • nmSyncFieldNmTeam: User record field in Microsoft AD that will be used as name in the SoftExpert Suite team record.

Connection to SoftExpert Suite:

  • nmAddress: SoftExpert Suite access address (https://domain/).
  • nmSEUser: Login of the user used for authentication to SoftExpert Suite with permission to perform the integration.
  • nmSEPassword: Password of the user used for authentication to SoftExpert Suite with permission to perform the integration.

Data for notification synchronization:

  • qtNotifierPeriod: Time limit for synchronization inactivity. The system administrator will be notified via e-mail when this period of inactivity is reached.
  • fgNotifierPeriodType: Type of time limit for synchronization inactivity. Available types: Minutes, Hours, Days, and Weeks.
  • mergeDepartmentFunction: If enabled, when the user is synchronized, the department of the AD user will be replaced with the current department linked in SoftExpert Suite. If disabled, the department of the AD user will be added among their linked departments in SoftExpert Suite.