How to use a Custom Mapping in EEM External Directory configuration to change the Directory Server Attribute used by EEM for User Name and for Login purposes?
Article ID: 50378
Updated On:
Products
CA IT Asset Manager
CA Software Asset Manager (CA SAM)
ASSET PORTFOLIO MGMT- SERVER
SUPPORT AUTOMATION- SERVER
CA Service Desk Manager - Unified Self Service
CA Service Desk Manager
CA Service Management - Asset Portfolio Management
CA Service Management - Service Desk Manager
Issue/Introduction
Using Active Directory as an example, the following shows how to use a Custom Mapping to modify the Directory Server Attribute EEM utilizes to identify users.
The following example uses Active Directory, but the information can be applied to other Directory Servers and other Attributes as needed.
Environment
CA Service Management 17.1 and higher.
Resolution
By default the EEM Active Directory configuration utilizes the sAMAccountName as the EEM user's Username and for authentication. In some
environments changing to another identifier is necessary, such as userPrincipalName.
To achieve this, EEM allows for Custom Mapping Directory Attributes.
- Log into EEM as the EiamAdmin user.
- Select the Configure Tab, Click on EEM Server, and select Global Users / Global Groups.
- Change the "Type" from Active Directory to Custom Mapping, and the "Label in Use:" to Microsoft Active Directory.
- Complete the rest of the configuration and verify that the Bind is successful.
- Click the "Label" folder to the right of the Type drop down.
- Change the User Name user Attribute from sAMAccountName to userPrincipalName.
- Save and verify that the bind and load is successful.
EEM will now be using the Active Directory userPrincipalName for the EEM User Name attribute and for the users login into EEM.
Attachments
Feedback
Yes
No
Powered by
