How to configure AD Authentication for RCM?

Solution:

Set the following properties through the RCM portal under Administration => Settings => System Properties:

• sage.security.disable = false
• sage.security.disable.ADAuthentication = false
• security.ldap.server = <domain name> (example: you_domain.com)
• security.manager.dn = <AD bind account> (example: administrator). The DN might be required only when using SSL authentication
• security.manager.password = <AD bind account's password>
• You MUST have a Login ID filed in the UDB with the domain name (example: domain\test)
• When logging in, the user MUST provide the Login ID (example: domain\test)
• sage.security.siteminder.domain.attribute = rcm_domain
• sage.security.credentials.expiration.seconds = 60
• sage.security.eurekify.keystore.password = (leave empty)
• sage.security.GUID.expiration.minutes = 360
• sage.security.disable.webpage.authorization = false
• sage.security.siteminder.username.attribute = sm_user
• sage.security.eurekify.keyStore.file = (leave blank)
• sage.security.GUID.expiration.delta.seconds = 60
• sage.security.siteminder.enabled = false
• sage.security.disable.ADAuthentication = false
• sage.security.disable.ssl.ADAUthentication = true

If the username/password is not correct, a misleading error message will be displayed:

(This had been encountered in v12.5 SP2, it might have been fixed in newer versions).

Errors related to wrong username/password will NOT be logged into the server log file, however, if the RCM server can't access the AD, then an error message will be logged in the log file.