How to configure AD Authentication for RCM?
Article ID: 50981
Updated On: 04-28-2025
Products
CA Identity Manager
CA Identity Governance
CA Identity Portal
Issue/Introduction
How to configure AD Authentication for RCM?
Environment
Release: 12.5 SP2
Component: SGRM
Component: SGRM
Resolution
Solution:
Set the following properties through the RCM portal under Administration => Settings => System Properties:
- sage.security.disable = false
- sage.security.disable.ADAuthentication = false
- security.ldap.server = <domain name> (example: test_domain.com)
- security.manager.dn = <AD bind account> (example: administrator). The DN might be required only when using SSL authentication
- security.manager.password = <AD bind account's password>
- You MUST have a Login ID filed in the UDB with the domain name (example: domain\test)
- When logging in, the user MUST provide the Login ID (example: domain\test)
- sage.security.siteminder.domain.attribute = rcm_testdomain
- sage.security.credentials.expiration.seconds = 60
- sage.security.eurekify.keystore.password = (leave empty)
- sage.security.GUID.expiration.minutes = 360
- sage.security.disable.webpage.authorization = false
- sage.security.siteminder.username.attribute = sm_testuser
- sage.security.eurekify.keyStore.file = (leave blank)
- sage.security.GUID.expiration.delta.seconds = 60
- sage.security.siteminder.enabled = false
- sage.security.disable.ADAuthentication = false
- sage.security.disable.ssl.ADAUthentication = true
If the username/password is not correct, a misleading error message will be displayed:
Errors related to wrong username/password will NOT be logged into the server log file, however, if the RCM server can't access the AD, then an error message will be logged in the log file.
Feedback
Was this article helpful?
Yes
No
Powered by
