Integrating MyIT with LDAP
You can integrate BMC Remedy with Smart IT (Smart IT) and MyIT with LDAP so that you can distribute broadcasts to your LDAP distribution groups. If configured, these groups are also used whenon the MyIT Administration console.
This topic describes the basics of how to update the broadcasts.properties file to integrate with LDAP. To complete this process, you should already understand your LDAP schema so that you can make the necessary associations and set fields properly.
Properties in broadcasts.properties file
The following table lists the properties that you can set in the broadcasts.properties file:
Determines the default time for a broadcast to live. The value you provide is normalized to seconds.
If broadcast.ttl.default= is not provided, the default value is 24 hours (or 86,400,000 milliseconds).
Determines the minimum time for a broadcast to live. The value you provide is normalized to seconds.
If broadcast.ttl.minimum= is not provided, the default value is five minutes (or 300,000 milliseconds).
Determines the maximum time for a broadcast to live. The value you provide is normalized to seconds.
If broadcast.ttl.maximum= is not provided, the default value is 365 days (or 31,536,000,000 milliseconds).
Determines whether LDAP distribution groups are available for broadcasts. If broadcast.avail.ldap= is set to true, a call to the appropriate REST API instructs the MyIT Administration Console to include LDAP distribution groups for the User Groups option in the Send Broadcasts window. (Seetopic.)
If broadcast.avail.ldap= is not provided, the default value is false. If the value is false or if you do not supply a broadcasts.properties file, the User Groups option does not allow you to select user groups.
The LDAP or LDAPS URL. This URL must be in the following form: ldap://host:port or ldaps://host:port.
The default ports for LDAP and LDAPS are 389 and 686, respectively.
The LDAP authentication type. The available schemes are as follows:
The full distinguished name of the principal LDAP user.
The authentication password, in plain text.
When the MyIT and Smart IT server starts up and loads, the plain text password value is replaced by an encrypted password.
Timeouts and size limitations are for each partial query that makes up each functional call; they do not represent the operation as a whole.
The maximum time is in milliseconds. The default value is 300,000 (or 5 minutes). The maximum size is counted in returned records. The default is 1,000.
The LDAP server has preset limits configured, which you cannot usually override.
The distinguished name (DN) search base for groups.
The filter for querying groups by a conditional search substitution string that the process inserts. Include %s at the point at which the conditional search is inserted.
The filter for querying subgroups contained within other groups by name using a search string. Include %s at the point at which the search string is substituted.
Specifies group attributes to retrieve for the common name (cn), distinguished name (dn), and displayable name (name).
The DN search base for users.
The filter for querying users by the groups to which they belong, using the distinguished name of the group in question. Include %s at the point at which the search string is substituted.
User attributes to retrieve for the common name (cn), distinguished name (dn), displayable name (name), and email address (email).
To integrate MyIT and Smart IT with LDAP to send broadcasts to user groups
- Open the broadcasts.properties file, located in the TomcatInstallFolder/external-conf folder.
- Edit the LDAP properties described in the preceding table. For an example file, see in the MyIT documentation.
- Save the broadcasts.properties file.
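Before saving, the URL form and the %s placeholders described in the table can be checked offline. The following is an added example, not part of the BMC documentation or product code: the function names, the sample filter template and the sample group DN are constructed, and the RFC 4515 escaping shows how a value substituted for %s has to be encoded to keep the filter well-formed, not how MyIT itself performs the substitution.

```python
from urllib.parse import urlsplit

# RFC 4515: these characters must be written as \XX inside a filter value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value: str) -> str:
    """Escape a string so it is treated as a literal value in an LDAP filter."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def check_ldap_url(url: str) -> str:
    """Accept only ldap://host:port or ldaps://host:port; return the scheme."""
    parts = urlsplit(url)
    if parts.scheme not in ("ldap", "ldaps"):
        raise ValueError(f"unsupported scheme in {url!r}")
    if not parts.hostname or parts.port is None:
        raise ValueError(f"host and port are both required in {url!r}")
    if parts.path or parts.query or parts.fragment or parts.username:
        raise ValueError(f"only scheme://host:port is allowed in {url!r}")
    return parts.scheme


def render_filter(template: str, value: str) -> str:
    """Substitute one escaped value for the single %s in a filter template."""
    if template.count("%s") != 1:
        raise ValueError("template must contain exactly one %s")
    if template.count("(") != template.count(")"):
        raise ValueError("unbalanced parentheses in template")
    return template.replace("%s", escape_filter_value(value))


# Constructed samples: the template, host, port and DN are illustrative only.
USER_FILTER = "(&(objectClass=person)(memberOf=%s))"
GROUP_DN = "CN=Ops (EMEA)*,OU=Groups,DC=example,DC=com"

if __name__ == "__main__":
    print(check_ldap_url("ldaps://ldap.example.com:10636"))
    print(render_filter(USER_FILTER, GROUP_DN))
```

A group DN containing parentheses or an asterisk, as in the constructed sample, would otherwise change the structure of the user filter or turn an exact match into a wildcard match.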