search cancel

How to use a Custom Mapping in EEM External Directory configuration to change the Directory Server Attribute used by EEM for User Name and for Login purposes?


Article ID: 50378


Updated On:


CA IT Asset Manager CA Software Asset Manager (CA SAM) ASSET PORTFOLIO MGMT- SERVER SUPPORT AUTOMATION- SERVER CA Service Desk Manager - Unified Self Service CA Service Desk Manager CA Service Management - Asset Portfolio Management CA Service Management - Service Desk Manager


Using Active Directory as an example, the following shows how to use a Custom Mapping to modify the Directory Server Attribute EEM utilizes to identify users.

The following example uses Active Directory, but the information can be applied to other Directory Servers and other Attributes as needed.


CA Service Management 17.1 and higher.


By default the EEM Active Directory configuration utilizes the sAMAccountName as the EEM user's Username and for authentication. In some

environments changing to another identifier is necessary, such as userPrincipalName.

To achieve this, EEM allows for Custom Mapping Directory Attributes.

  1. Log into EEM as the EiamAdmin user.

  2. Select the Configure Tab, Click on EEM Server, and select Global Users / Global Groups.

  3. Change the "Type" from Active Directory to Custom Mapping, and the "Label in Use:" to Microsoft Active Directory.

  4. Complete the rest of the configuration and verify that the Bind is successful.

  5. Click the "Label" folder to the right of the Type drop down.

  6. Change the User Name user Attribute from sAMAccountName to userPrincipalName.

  7. Save and verify that the bind and load is successful.

EEM will now be using the Active Directory userPrincipalName for the EEM User Name attribute and for the users login into EEM.