Hi All,
Running 6.4.01.200 on windows.
I am looking at using active directory for user authentication, but am having trouble with the format of the username in the EM Authorizations window.
The manual suggests the following:-
Enter the user name and domain as they are defined in the LDAP or Active
Directory server in the LDAP Directory Service User and Domain Name field.
In the following example, the user em belongs to a group called adminuser, which
resides in the domain admins.bmc.com.
em.adminuser@admins.bmc.com
If the user belongs to a specific organizational unit (OU) defined in LDAP or
Active Directory, the OU needs to precede the domain separator (@), and must be
distinguished using a slash (/).
em.adminuser/org.unit@admins.bmc.com
If any part of the user definition in LDAP or Active Directory includes @, /, or . characters,
these characters must be preceded by a backslash.
Examples:
■ If the group name in LDAP or Active Directory is admin/user, you must define it in
CONTROL-M/EM as em.admin\/user/org.unit@admins.bmc.com.
■ If the user name in LDAP or Active Directory includes initials, for example EU, you
must define it in CONTROL-M/EM as emuser
EU\..adminuser/org.unit@admins.bmc.com.
1) Does anyone have any examples of a working scenario?
2) Why in the BMC examples is the @ not preceded with \?
As always, any help appreciated.
Deano
Logging on via Active Directory
Go to this link: it's a screencast from BMC that explain how to enable Active Directory authentification:
Knowledge DB : (SLN000015112984)
ftp://ftp.bmc.com/pub/control-m/support ... TROL-M.mp4
Knowledge DB : (SLN000015112984)
ftp://ftp.bmc.com/pub/control-m/support ... TROL-M.mp4
Thanks Zimbo, but we cannot see media files on the internet at work!Zimbo wrote:Go to this link: it's a screencast from BMC that explain how to enable Active Directory authentification:
Knowledge DB : (SLN000015112984)
ftp://ftp.bmc.com/pub/control-m/support ... TROL-M.mp4
It appears to me that we are not successfully connecting to the LDAP server.
I have just completed this in 6.3.01 but it should be the same.
Example ID is: Doe\, John/Users.Systems.Brooklyn@wwr.com
Active Directory User is Doe, John and must be entered with \ before the comma.
Domain: wwr.com
Org.Unit: In active directory Brooklyn is the root with Systems as a subfolder and Users a subfolder of Systems. Changed to Users.Systems.Brooklyn.
Hope this helps.
Example ID is: Doe\, John/Users.Systems.Brooklyn@wwr.com
Active Directory User is Doe, John and must be entered with \ before the comma.
Domain: wwr.com
Org.Unit: In active directory Brooklyn is the root with Systems as a subfolder and Users a subfolder of Systems. Changed to Users.Systems.Brooklyn.
Hope this helps.