Authenticating Login Data via LDAP

If your organization manages user data in a Microsoft Active Directory (AD) or Oracle Directory Services (ODS), users can use their standard user credentials to log on to the AE system. LDAP, the protocol that is used to talk to the directory service database, enables your users to log on to the AE by using their company-wide password. Single Sign-On must be enabled in this case.

You can either activate the LDAP connection individually for each user in the corresponding User object, or use the LDAP key in the UC_SYSTEM_SETTINGS variable to activate it for an entire AE system. The Automation Engine therefore distinguishes between local users and LDAP users. You can synchronize LDAP data via TLS/SSL.

To use LDAP over TLS, you must use the Java work process (JWP). The JWP requires certain configuration to connect to the LDAP server, such as defining the JWP keystore configuration. In the Automic Automation Kubernetes Edition (AAKE), the keystore file of the JWP is passed on to the AAKE system using Kubernetes secrets. Therefore, you must create the jwp-keystore Kubernetes secret for the LDAP server before installing Automic Automation Kubernetes Edition.

More information: