How to configure AD Authentication for RCM?

Article ID: 50981

Updated On: 04-28-2025

Products

CA Identity Manager, CA Identity Governance, CA Identity Portal

Issue/Introduction

How to configure AD Authentication for RCM?

Environment

Release: 12.5 SP2
Component: SGRM

Resolution

Solution:

Set the following properties through the RCM portal under Administration => Settings => System Properties:

  • sage.security.disable = false
  • sage.security.disable.ADAuthentication = false
  • security.ldap.server = <domain name> (example: test_domain.com)
  • security.manager.dn = <AD bind account> (example: administrator). The DN might be required only when using SSL authentication.
  • security.manager.password = <AD bind account's password>
  • You MUST have a Login ID field in the UDB with the domain name (example: domain\test)
  • When logging in, the user MUST provide the Login ID (example: domain\test)
  • sage.security.siteminder.domain.attribute = rcm_testdomain
  • sage.security.credentials.expiration.seconds = 60
  • sage.security.eurekify.keystore.password = (leave empty)
  • sage.security.GUID.expiration.minutes = 360
  • sage.security.disable.webpage.authorization = false
  • sage.security.siteminder.username.attribute = sm_testuser
  • sage.security.eurekify.keyStore.file = (leave blank)
  • sage.security.GUID.expiration.delta.seconds = 60
  • sage.security.siteminder.enabled = false
  • sage.security.disable.ssl.ADAUthentication = true

If the username/password is not correct, a misleading error message will be displayed:

Errors related to a wrong username/password will NOT be logged in the server log file. However, if the RCM server can't access the AD, an error message will be logged in the log file.