LDAP Properties

LDAP properties are used for both user authentication and credentials to run a job on an agent.

If you wish to use LDAP authentication for Opswise user credentials, then required steps depend on the OS that you run the task on.

For UNIX you must set up your PAM configuration to use PAM LDAP module and possibly some others depending on the LDAP flavor you are using. Once PAM is configured, tasks specifying credentials would authenticate over LDAP transparently.
For Windows no additional steps are required. You must only specify “DOMAIN\user” as the user name in your task’s credentials.

For either operating system you must configure Opswise LDAP properties to enable the LDAP bridge:

From the navigation pane, select Automation Center Administration > LDAP Properties.
You then enter the following values as it depicted on the screen shot provided.
- LDAP URL. This is the address and port your LDAP server is listening on.
- DN of the account that have privileges to browse the LDAP directory. For Windows AD, the format is “user@domain”, for UNIX LDAP the format is "cn=user,dc=domain,dc=com".
- Automation Center maps LDAP users to local Automation Center users. In order to do the mapping, you need to set up a filter that would filter the accounts you need. First parameter is the DN of the entry point of your directory. For example, if your AD domain name is “domain.com”, you need to specify “dc=domain,dc=com” there.
- The last parameter is the LDAP attribute used to query users. For Windows AD, you would typically use “sAMAccountName”, for UNIX LDAP it may be the “uid” or other attribute.
- You can specify an additional search filter, for example to retrieve "person" objects only. In order to do that, specify "objectClass=person" in the additional search filter field. The default value is "objectClass=*".

Automation Center Documentation