Need some advice on how to configure for the below scenario:
On DevTest 10.5.0 using Derby.
We have users set up in two different LDAP providers, with users in both providers.
One LDAP provider is for our Production DevTest environment.
The other LDAP provider is for our Development DevTest environment.
The users in the PROD LDAP provider have lower authority.
The users in the DEV LDAP provider have higher authority.
We have this DevTest infrastructure:
One IAM setup with both PROD and DEV LDAP providers.
One Enterprise Dashboard (EDB) pointing to the one IAM.
PROD Registry and DEV Registry point to the same EDB.
IAM has the PROD LDAP set to priority 0 and the DEV LDAP set to a priority of 1.
Because of the way the LDAP providers are searched, when the user logs in to DevTest and connects to the DEV Registry, they will get the lower authority of the PROD LDAP, since this provider is looked at first and the user is in this provider.
One solution is to create an additional IAM and EDB, to keep the PROD and DEV environments apart to have their own IAM and EDB. So one IAM is configured with just the PROD LDAP provider and the other IAM configured with just the DEV LDAP provider, then have the PROD EDB point to the PROD IAM and the DEV EDB point to the DEV IAM.
We are trying to avoid having to set up a second IAM and EDB.
Any suggestions to keep our current infrastructure without having to create the additional IAM and EDB?
Release: 10.5
Component: CA Service Virtualization