This plugin provides a user directory implementation that retrieves user and group information from an LDAP server. To use it, go to System Setting > Directory Manager Setting, select "LDAP Directory Manager" from the drop-down list and click the Select button.


Figure 1: Steps to Enable LDAP Directory Manager

After that, a configuration screen (as in Figure 2) will appear. Set the LDAP Directory Manager according to your LDAP organization structure, then submit it.


Figure 2: LDAP Directory Manager Configuration Screen

After the configurations have been correctly set, the LDAP directory manager implementation will be enabled. You will be required to log out and then log in again. You can use the value set in the "Admin Username (Principal)" and "Admin Password (Credential)" to log in to the Workflow Management Console as "Admin" in the case that your LDAP directory manager configuration doesn't work. Note that when the LDAP directory manager implementation is enabled, the "Setup Users" in the main navigator of Workflow Management Console is disabled.


Figure 3: After LDAP directory manager is enabled 

...

Admin Username (Principal) : Login username (also known as principal) of the LDAP user who has permission to browse the targeted LDAP server. It can also be used to log in to the Workflow Management Console as "Admin" (useful in the event that the LDAP Plugin configuration doesn't work).

Admin Password (Credential) : Login password (also known as credential) of the LDAP user that has permission to browse the targeted LDAP server. It can also be used to log in to the Workflow Management Console as admin (useful in the event that the LDAP Plugin configuration doesn't work).

...

User Base DN : Base DN of the LDAP user entries; if not specified, the Root DN will be used.

User Import Search Filter : LDAP filter query to return LDAP user entries, e.g., "(objectClass=person)"; refer to LDAP Filter Syntax.

Attribute Mapping - Username : LDAP entry attribute that returns the username of the user (e.g., "sAMAccountName").

Attribute Mapping - First Name : LDAP entry attribute that returns the first name of the user

Attribute Mapping - Last Name : LDAP entry attribute that returns the last name of the user

Attribute Mapping - Email : LDAP entry attribute that returns the email of the user

Attribute Mapping - Status : LDAP entry attribute that returns the status of the user; the returned value should be either 1 or 0. If not specified, the value will be set to 1 for all users.

Attribute Mapping - Time Zone : LDAP entry attribute that returns the time zone of the user; the returned value should be a number from -12 to 12 (>= -12 and <= 12).

Attribute Mapping - Report To : LDAP entry attribute that returns the primary attribute value of an LDAP user entry which a user is reporting to (e.g., "manager"); the "reportTo" takes higher precedence than the HOD defined in Department

Map To "Report To" Entry Attribute : the primary attribute of an LDAP entry that is returned by "Report To" (e.g., "distinguishedName").

Attribute Mapping - Groups : LDAP entry attribute that returns the primary attribute value of an LDAP group entry which a user belongs to (e.g., "memberOf"); used only when group info is also kept in the LDAP user.

Map To LDAP Group Entry Primary Attribute : the primary attribute of an LDAP entry that is returned by "Groups" (e.g., "distinguishedName").

Attribute Mapping - Departments : LDAP entry attribute that returns the primary attribute value of an LDAP department entry which a user belongs to (e.g., "memberOf"); used only when department info is also kept in the LDAP user.

Map To LDAP Department Entry Primary Attribute : the primary attribute of an LDAP entry that is returned by "Departments" (e.g., "distinguishedName").

Page 3 : Group

Group Base DN : Base DN of the LDAP group entries; if not specified, the Root DN will be used.

Group Import Search Filter : LDAP filter query to return LDAP group entries, e.g., "(objectClass=group)"; if not specified, no group will be queried. Refer to LDAP Filter Syntax.

Attribute Mapping - Id : LDAP entry attribute that returns the ID of the group (e.g., "distinguishedName").

Attribute Mapping - Name : LDAP entry attribute that returns the name of the group

Attribute Mapping - Description : LDAP entry attribute that returns the description of the group

Attribute Mapping - Users : LDAP entry attribute that returns the primary attribute value of an LDAP user entry (e.g., "member").

Map To LDAP User Entry Primary Attribute : the primary attribute of an LDAP entry that is returned by "Users" (e.g., "distinguishedName").

Page 4 : Department

Department Base DN : Base DN of the LDAP department entries; if not specified, the Root DN will be used.

Department Import Search Filter : LDAP filter query to return LDAP department entries, e.g., "(objectClass=group)"; if not specified, no department will be queried. Refer to LDAP Filter Syntax.

Attribute Mapping - Id : LDAP entry attribute that returns the ID of the department.

Attribute Mapping - Name : LDAP entry attribute that returns the name of the department.

Attribute Mapping - Description : LDAP entry attribute that returns the description of the department.

Attribute Mapping - HOD : LDAP entry attribute that returns the primary attribute value of an LDAP user entry which represents a head of department (e.g., "manager").

Attribute Mapping - Users : LDAP entry attribute that returns the primary attribute value of an LDAP user entry (e.g., "member").

Map To LDAP User Entry Primary Attribute : the primary attribute of an LDAP entry that is returned by "HOD" and "Users" (e.g., "distinguishedName").

Page 5 : Admin Role

Admin Role Base DN : Base DN of the LDAP admin role entries; if not specified, the Root DN will be used.

Admin Role Import Search Filter : LDAP filter query to return LDAP department entries, e.g., "(objectClass=group)"; if not specified, no user with administrator role will be queried. Refer to LDAP Filter Syntax.

Attribute Mapping - Users : LDAP entry attribute that returns the primary attribute value of an LDAP user entry (e.g., "member"); returned LDAP user entries will be granted with admin role in the Workflow Management Console.

Map To LDAP User Entry Primary Attribute : the primary attribute of an LDAP entry that is returned by "Users" (e.g., "distinguishedName").

Page 6 : Advanced

Result Size Per Paged Search : controls the total number of entries that can be returned by a paged search; to disable paged search, please set the value to 0.

Debug Mode : if ticked, debugging messages will be logged to help troubleshooting.

...

For a brief graphical illustration, the LDAP structure looks like this:

Using this sample LDAP structure, the LDAP Plugin is configurable. Here is a sample configuration:

URL : ldap://hostname:389 (please change this accordingly)

...

Debug Mode : 

  1. We can log in to the Workflow Management Console as "Admin" using one of these users:
    • username: cn=admin,dc=joget,dc=org, password: admin
    • username: clark, password: password
  2. These are the departments and user groups that will be pulled:
    • CEO's Office
    • Finance
    • Human Resource & Admin
    • Marketing
    • Product Development
    • Support & Services
    • Training & Consulting
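
How the User, Group and Admin Role mapping fields tie entries together, as an added example that is not the plugin's own code: the values a group or admin role entry returns through "Attribute Mapping - Users" are matched against each user's "Map To LDAP User Entry Primary Attribute" value, and references that match no user or time zones outside -12 to 12 are reported. The entries, the `acctStatus` and `tzOffset` attribute names, the case-insensitive comparison, and the choice to warn about and discard a bad time zone are assumptions made for the illustration.

```python
# Added illustration with constructed entries; not the plugin's code or real data.
# Each dict stands in for one LDAP entry (attribute name -> list of values).
BASE = "dc=joget,dc=org"
USERS = [
    {"distinguishedName": [f"cn=clark,ou=users,{BASE}"],
     "sAMAccountName": ["clark"], "acctStatus": ["1"], "tzOffset": ["8"]},
    {"distinguishedName": [f"cn=jane,ou=users,{BASE}"],
     "sAMAccountName": ["jane"], "tzOffset": ["99"]},  # no status, bad time zone
]
GROUPS = [{"distinguishedName": [f"cn=Finance,ou=groups,{BASE}"],
           "member": [f"CN=jane,ou=users,{BASE}", f"cn=ghost,ou=users,{BASE}"]}]
ADMIN_ROLES = [{"distinguishedName": [f"cn=admins,ou=groups,{BASE}"],
                "member": [f"cn=clark,ou=users,{BASE}"]}]

# Values as they would be typed into the mapping fields (acctStatus and
# tzOffset are hypothetical attribute names).
MAPPING = {"username": "sAMAccountName", "status": "acctStatus",
           "time_zone": "tzOffset", "group_id": "distinguishedName",
           "group_users": "member", "user_primary": "distinguishedName"}

def first(entry, attr, default=None):
    values = entry.get(attr) or []
    return values[0] if values else default

def resolve(users, groups, admin_roles, m):
    """Join entries as the mapping fields describe; return (accounts, warnings)."""
    by_primary, warnings = {}, []
    for u in users:
        name, tz = first(u, m["username"]), first(u, m["time_zone"])
        if tz is not None and not -12 <= float(tz) <= 12:
            warnings.append(f"{name}: time zone {tz} outside -12..12")
            tz = None
        # Status falls back to 1 when the attribute is absent.
        acct = {"username": name, "status": first(u, m["status"], "1"),
                "time_zone": tz, "groups": [], "admin": False}
        # Simplification: compare primary attribute values case-insensitively.
        by_primary[first(u, m["user_primary"]).lower()] = acct
    for entries, is_admin in ((groups, False), (admin_roles, True)):
        for g in entries:
            gid = first(g, m["group_id"])
            for ref in g.get(m["group_users"], []):
                acct = by_primary.get(ref.lower())
                if acct is None:
                    warnings.append(f"{gid}: member {ref} matches no user entry")
                elif is_admin:
                    acct["admin"] = True
                else:
                    acct["groups"].append(gid)
    return {a["username"]: a for a in by_primary.values()}, warnings
```

Running `resolve(USERS, GROUPS, ADMIN_ROLES, MAPPING)` before submitting a configuration shows which accounts would receive the admin role and which member references resolve to nothing.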