Logging on via Active Directory

Tools and several solutions to manage Control-M products
Post Reply
User avatar
Deano
Nouveau
Nouveau
Posts: 42
Joined: 03 Jul 2006 12:00
Location: London´

Logging on via Active Directory

Post by Deano » 09 Nov 2009 11:23

Hi All,

Running 6.4.01.200 on windows.

I am looking at using active directory for user authentication, but am having trouble with the format of the username in the EM Authorizations window.

The manual suggests the following:-

Enter the user name and domain as they are defined in the LDAP or Active
Directory server in the LDAP Directory Service User and Domain Name field.
In the following example, the user em belongs to a group called adminuser, which
resides in the domain admins.bmc.com.

em.adminuser@admins.bmc.com

If the user belongs to a specific organizational unit (OU) defined in LDAP or
Active Directory, the OU needs to precede the domain separator (@), and must be
distinguished using a slash (/).

em.adminuser/org.unit@admins.bmc.com

If any part of the user definition in LDAP or Active Directory includes @, /, or . characters,
these characters must be preceded by a backslash.
Examples:
■ If the group name in LDAP or Active Directory is admin/user, you must define it in
CONTROL-M/EM as em.admin\/user/org.unit@admins.bmc.com.
■ If the user name in LDAP or Active Directory includes initials, for example EU, you
must define it in CONTROL-M/EM as emuser
EU\..adminuser/org.unit@admins.bmc.com.

1) Does anyone have any examples of a working scenario?
2) Why in the BMC examples is the @ not preceded with \?

As always, any help appreciated.

Deano
Top
User avatar
Zimbo
Nouveau
Nouveau
Posts: 9
Joined: 12 Aug 2008 12:00

Post by Zimbo » 09 Nov 2009 4:03

Go to this link: it's a screencast from BMC that explain how to enable Active Directory authentification:

Knowledge DB : (SLN000015112984)

ftp://ftp.bmc.com/pub/control-m/support ... TROL-M.mp4
Top
User avatar
Deano
Nouveau
Nouveau
Posts: 42
Joined: 03 Jul 2006 12:00
Location: London´

Post by Deano » 10 Nov 2009 1:49

Zimbo wrote:Go to this link: it's a screencast from BMC that explain how to enable Active Directory authentification:

Knowledge DB : (SLN000015112984)

ftp://ftp.bmc.com/pub/control-m/support ... TROL-M.mp4
Thanks Zimbo, but we cannot see media files on the internet at work!

It appears to me that we are not successfully connecting to the LDAP server.
Top
User avatar
gglau
Nouveau
Nouveau
Posts: 317
Joined: 13 Jun 2007 12:00

Post by gglau » 10 Nov 2009 4:56

The link works but you have to download the file first then play it in a media player manually. This is a 11minute video.
Top
User avatar
ThePirate
Nouveau
Nouveau
Posts: 61
Joined: 04 Feb 2008 12:00
Location: Cleveland, OH

Post by ThePirate » 10 Nov 2009 7:05

I have just completed this in 6.3.01 but it should be the same.

Example ID is: Doe\, John/Users.Systems.Brooklyn@wwr.com

Active Directory User is Doe, John and must be entered with \ before the comma.

Domain: wwr.com

Org.Unit: In active directory Brooklyn is the root with Systems as a subfolder and Users a subfolder of Systems. Changed to Users.Systems.Brooklyn.

Hope this helps.
Top
User avatar
Deano
Nouveau
Nouveau
Posts: 42
Joined: 03 Jul 2006 12:00
Location: London´

Post by Deano » 16 Nov 2009 1:19

Many thanks guys. I got there in the end.

regards
Deano
Top
Post Reply

Return to “Exploitation / Operation”