2020-09-15_13-10-55_.Configuring the ARDBC LDAP plug-in v18.08
You must configure the ARDBC LDAP plug-in before you create the vendor form used to access user information in your particular LDAP server.
Use the Server Group Configuration screen to configure ARDBC LDAP plug-in at global level.This screen provides a single location to manage configuration settings across the server group.
Access the Server Group Configuration screen from the location below:
- In a browser, enter the following URL address:
http://<midTierServerInstallDir>/arsys/forms/<serverName> - Log in.
- Select Remedy Management Console > AR System Server Group Console> Server Group Configuration.
For more information about setting global and local level configurations, see Managing AR Server Group components by using global and local level configurations.
Best Practice
This form shows the local level value of the configuration. If a local value does not exist, the form displays the global level configuration. If you modify the value on this form, the local level configuration value is modified. For example, if a configuration shows global level value and you modify the value by using this form, the local level value gets created for the configuration.
To configure the ARDBC LDAP plug-in
These are server specific settings. In a server group environment, apply these settings on each server.
- In the AR System Administration Console, click System > LDAP > ARDBC Configuration.
The ARDBC LDAP Configuration form opens in New mode.
ARDBC LDAP configuration form
(Click the image to expand it.)
- In the Host Name field, enter one or more host names of the directory service from which you want information for the vendor form. You can specify a space-separated list of host names up to 255 characters long. Starting with the first host name in the list, BMC Remedy AR System tries to connect to each server until it is successful.
If you use Secure Socket Layer (SSL), this host name should match the name for which the server's certificate was issued. - In the Port Number field, enter a port number for this directory service. The default port number is 389. (For an SSL connection, the default is 636.)
- In the Bind User field, enter the distinguished name of the user account that the ARDBC LDAP plug-in uses to log in to the directory service. The administrator who set up the LDAP service designated this name. With the vendor form, some LDAP servers allow you to make an anonymous connection. If you plan to use an anonymous connection, leave the Bind User and Bind Password fields blank.
Otherwise, use a standard distinguished name such as cn=manager, dc=remedy, dc=com. - In the Bind Password field, enter the password for the user account. (For security, asterisks replace the characters you enter for the password.)
If you leave the Bind Name and Password fields blank, you are connected anonymously. - To use a Secure Socket Layer (SSL) connection, select Yes in the Using Secure Socket Layer field; otherwise, accept the default value No. If you select Yes, the Certificate Database field becomes active, and you can enter a certificate database as described in step 7. Because SSL requires additional setup in this form and outside BMC Remedy AR System, you might first want to experiment without SSL and then add this option later.
- In the Certificate Database field, enter the path to the directory containing the certificate database file. Do not include the file name in the path.
To create a certificate database, see Enabling LDAP plug-ins for SSL connections postupgrade . In the LDAP Date-Time Format field, select the format to use to represent date and time to LDAP servers.
Format
Value
Description
Example: 6 a.m. Sept. 28, 2001
Generalized Time
0
YYYYMMDDHHMMSSZ This format is recognized by all LDAP servers, and it is recommended.
20010928060000Z
AD Generalized Time
1
YYYYMMDDHHMMSS.0Z This format is recognized only by Microsoft Active Directory servers.
20010928060000.0Z
UTC Time
2
YYMMDDHHMMSSZ This is a historical format and does not indicate the century. It is not recommended.
010928060000Z
For more information, see Configuring after installation.- In the Failover Timeout field, specify the number of seconds in which the directory service must respond to the plug-in server before an error is returned. The minimum value is 0 (which means the connection must be made immediately). The failover time-out cannot be set higher than the value of the Server-Plugin-Default-Timeout parameter.
In the Directory Page Size field, enter the number of entries to return in a single page to the client from the external directory server when a search request is processed.
Tip
The default Directory Page Size is 10000. However setting Directory Page Size to a lower value, such as 1000, might help to improve your system's performance while you design and create vendor forms.
Note
Directory Page Size value should be less than or equal to the maximum page size setting on the LDAP server. For more information on ARDBC-LDAP-Page-Size, see Configuration settings A-B.In the Base DN For Discovery field, enter a base distinguished name to use instead of the root distinguished name as the basis for obtaining the list of vendor tables.
Tip
Specifying a value in the Base DN For Discovery field can help improve your system's performance while you design and create vendor forms.
- In the ARDBC Plugin Cache box, specify this ARDBC plug-in caching information:
- In the Enable field, select Yes to enable ARDBC plug-in caching.
- In the Time To Live field, specify how long data should be kept in the ARDBC plug-in cache.
In the Maximum Size field, specify the maximum size of the cache.
Tip
Enabling the ARDBC plug-in cache can help improve your system's performance at runtime.
- Click Save.
The system updates the AR System configuration settings with the parameters you specified in this form.
For more information, see Configuring after installation.
Comments
Log in or register to comment.