Need Advice on Setting UP IAM for Multiple Providers for our Infrastructure
search cancel

Need Advice on Setting UP IAM for Multiple Providers for our Infrastructure

book

Article ID: 189381

calendar_today

Updated On:

Products

CA Application Test Service Virtualization

Issue/Introduction

Need some advice on how to configure for the below scenario:

DevTest using Derby.
We have users setup in two different LDAP providers, users in both providers.
One LDAP provider is for our Production DevTest environment.
The other LDAP provider is for our Development DevTest environment.

The users in the PROD LDAP provider have lower authority.
The users in the DEV LDAP provider have higher authority.

We have this DevTest infrastructure:

One IAM setup with both PROD and DEV LDAP providers.
One Enterprise Dashboard (EDB) pointing to the one IAM.
PROD Registry and DEV Registry point to the same EDB.

IAM has the PROD LDAP set to priority 0 and the DEV LDAP set to a priority of 1.

Because of the way the LDAP providers are searched, when the user logs in to DevTest and connects to the DEV Registry, it will get the lower authority of the PROD LDAP since this provider is looked at first and the user is in this provider.

 

 

 

 

Environment

All supported DevTest releases.

Resolution

Suggest having two IAM and Enterprise Dashboard.
 
Configure one LDAP on one IAM and the other LDAP on the other IAM since not able to distinguish the different users that are in both providers in one IAM.

Connect the Enterprise Dashboards accordingly to IAM.

Connect the Registries accordingly to Enterprise Dashboards.
Powered by Wolken Software