Authenticating Login Data via LDAP and/or LDAP Sync

If your organization already manages user data in a Microsoft Active Directory (AD) or Oracle Directory Services (ODS), users can use their standard user credentials to log on to the AE system. LDAP, the protocol that is used to talk to the directory service database, enables your users to log on to the AE by using their company-wide password. Single Sign-On must be enabled in this case. LDAP Sync is a command-line tool that helps you to keep the centrally administered user database synchronized with the users who are allowed to access the AE system. You can define which users or user groups of your AD/ODS should be synchronized with the AE. The periodic synchronization is scheduled according to your requirements.

This section includes the following pages:

LDAP

You can either activate the LDAP connection individually for each user in the corresponding User object, or use the LDAP key in the UC_SYSTEM_SETTINGS variable to activate it for a complete AE system. Thus, the Automation Engine distinguishes between local and LDAP users. You can synchronize LDAP data via SSL/TLS.

LDAP Sync

Depending on your requirements, or if you are not using an AD/ODS, you can use this tool without LDAP. Instead, you can use the Password Exit function to verify user authentications.
