This document describes how to create new users on an AD server and configure LDAP integration between UIM and the AD server. It also explains the steps to configure the user to log in to Infrastructure Manager.
Open “Server Manager” on the Windows server, expand Active Directory Domain Services, right-click “Users”, go to “New”, and click “User”.
Enter the display name and the required user name, then click “Next”.
Click on “Finish”.
(Optional) Create a new group if required.
Add the user to the group: right-click the user name and click “Add to a group”.
Verify that the user has been added to the group: right-click the user name and click “Properties”.
Open Hub configuration and click on Settings.
Go to the “LDAP” tab, enter the AD server IP address, and then click “Lookup”. If the lookup is successful, it lists the “Group Container (DN)” and “User Container (DN)”.
Set “Authentication sequence” to LDAP->Nimsoft.
Provide the AD user that you created. Note that sometimes the domain must be specified (domain\username).
Click “Test”. The test connection should be successful.
Create an ACL for the AD user to access UIM
You can create Access Control Lists (ACLs) and associate them with specific LDAP groups. The users in the LDAP group are then assigned the privileges for the associated ACL. For example, if an LDAP user logs in to a DX UIM component, the request is directed to the LDAP server for authentication. If the user name is found in a group that is attached to an ACL, the user is assigned privileges as defined in the ACL. If the user belongs to multiple groups, privileges are assigned from the ACL with the most extended privileges.
NOTE: LDAP users must be direct members of the group that you are connecting to an ACL. DX UIM does not support the use of Nested or Role Based groups. Bus users should not share an ACL with LDAP users, or bus users will inherit LDAP accounts.
Follow these steps:
In Infrastructure Manager, select Security > Manage Access Control List.
To create an ACL:
1. Click New under Access Control List.
2. Name the new ACL, then select an ACL (if any exist) to copy its settings. Click OK.
3. Select the desired options in the Permissions area.
To associate a group with an ACL:
1. Select the new or existing ACL.
2. Click Set LDAP Group. All groups in the container are listed.
3. Select a group and click OK.
4. Click OK in the Manage Access Control List dialog.
The new setting is active. To verify the configuration, start Infrastructure Manager and log in as an LDAP user who is not a CA Unified Infrastructure Management user. Verify that you have the appropriate privileges and can access the expected contents.
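The NOTE above requires LDAP users to be direct members of the group attached to an ACL. The following PowerShell check is an added example, not part of the original procedure or the product's tooling: it lists a group's direct user members and flags any users who reach the group only through nesting. It assumes the RSAT ActiveDirectory module is installed; the group name `UIM-Operators` and the function name are hypothetical.

```powershell
# Added example: audit an AD group before attaching it to a DX UIM ACL.
# Assumptions: RSAT ActiveDirectory module is available; 'UIM-Operators'
# is a hypothetical group name; Get-UimAclGroupAudit is a hypothetical helper.
Import-Module ActiveDirectory

function Get-UimAclGroupAudit {
    param(
        [Parameter(Mandatory)] [string] $GroupName
    )

    # Without -Recursive, only direct members are returned. Per the NOTE,
    # only direct user members receive the ACL's privileges.
    $direct       = @(Get-ADGroupMember -Identity $GroupName)
    $directUsers  = @($direct | Where-Object { $_.objectClass -eq 'user' })
    $nestedGroups = @($direct | Where-Object { $_.objectClass -eq 'group' })

    # -Recursive flattens nested groups and returns only leaf members.
    $allUsers = @(Get-ADGroupMember -Identity $GroupName -Recursive |
                  Where-Object { $_.objectClass -eq 'user' })

    # Users who appear only through a nested group are not direct members.
    $directDns  = @($directUsers | ForEach-Object { $_.distinguishedName })
    $nestedOnly = @($allUsers |
                    Where-Object { $directDns -notcontains $_.distinguishedName })

    [pscustomobject]@{
        Group           = $GroupName
        DirectUsers     = @($directUsers  | ForEach-Object { $_.SamAccountName })
        NestedGroups    = @($nestedGroups | ForEach-Object { $_.Name })
        NestedOnlyUsers = @($nestedOnly   | ForEach-Object { $_.SamAccountName })
    }
}

$audit = Get-UimAclGroupAudit -GroupName 'UIM-Operators'
$audit | Format-List

if ($audit.NestedOnlyUsers.Count -gt 0) {
    Write-Warning ("Not direct members of {0}: {1}" -f
        $audit.Group, ($audit.NestedOnlyUsers -join ', '))
}
```

Any account listed under NestedOnlyUsers needs to be added to the group directly before it can pick up the ACL's privileges.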