Autosys proof of using LDAP
search cancel

Autosys proof of using LDAP


Article ID: 255776


Updated On:


Autosys Workload Automation


Our security team is asking for 'Proof' that Autosys is using LDAP. 
Per them," We want to see the configuration in lAutosys which showing that AD authentication is enabled for Autosys". 
We have sent them the screen show of the EEM User store configuration which shows the 'Reference from an external LDAP Directory' as the one chosen(clicked).
The configuration type is 'Basic LDAP Directory' and the name is 'corp'. 
Are there any other ways to prove to our security team what they're asking?



EEM 11.3.6 12.x


Each security team's acceptance will be unique.
Currently, there is nothing designed into the application to provide proof of configuration.

Below are a couple of suggestions that might provide the proof required

Option 1:
You could go into EEM and then do a search for users and groups in the manage identities tab to demonstrate you pulling back live information from your AD environment.
Do a search for testuser1 ( that does not currently exist)
Add the user to AD
Then repeat the search for the user to show it...

The same could be done with groups.

Option 2:
Or you could show an LDAP user that can login to WCC, then have the LDAP account disabled and show that it can no longer log into WCC

This of course all depends on how large your AD infrastructure is and how long replication takes.
Short of the above, we do not have any other proof we can provide to the requesting party

Additional Information

the C:\Program Files\CA\SharedComponents\EmbeddedEntitlementsManager\config\server\server.xml file contains the user store definition.  
This is the same as showing the customer the ui. 

A client should always have a backup of this file.