Authenticating Login Data via LDAP and/or LDAP Sync

If your organization manages user data in a Microsoft Active Directory (AD) or Oracle Directory Services (ODS), users can use their standard user credentials to log on to the AE system. LDAP, the protocol that is used to talk to the directory service database, enables your users to log on to the AE by using their company-wide password. Single Sign-On must be enabled in this case.

You can either activate the LDAP connection individually for each user in the corresponding User object, or use the LDAP key in the UC_SYSTEM_SETTINGS variable to activate it for a complete AE system. The Automation Engine therefore distinguishes between local and LDAP users. You can synchronize LDAP data via TLS/SSL.

LDAP Sync is a command-line tool that helps you to keep the centrally administered user database synchronized with the users who are allowed to access the AE system. You can define which users or user groups of your AD/ODS should be synchronized with the AE. The periodic synchronization is scheduled according to your requirements.

Depending on your requirements, or if you are not using an AD/ODS, you can use this tool without LDAP. Instead, you can use the Password Exit function to verify user authentications.

For more information, see Synchronizing your LDAP Directory with the Automic system User Base via LDAP Sync.
