2020-09-15_13-10-56_Configuring the ARDBC LDAP plug-in
You must configure the ARDBC LDAP plug-in before you create the vendor form used to access user information in your particular LDAP server.
Use the Server Group Configuration screen to configure ARDBC LDAP plug-in at global level. This screen provides a single location to manage configuration settings across the server group.
Access the Server Group Configuration screen from the following location:
- In a browser, enter the following URL address:
http://<ARSystemServerName>:<Port>/arsys/forms/<serverName> - Log in.
- Select Remedy Management Console > AR System Server Group Console > Server Group Configuration.
For more information about setting global and local level configurations, see Managing AR Server Group components by using global and local level configurations.
To configure the ARDBC LDAP plug-in, you can also use the ARDBC LDAP Configuration form in the AR System Administration Console.
This form shows the local-level value of the configuration. If a local value does not exist, the form displays the global-level configuration. If you modify the value on this form, the local level configuration value is modified. For example, if a configuration shows global-level value and you modify the value by using this form, the local-level value gets created for the configuration.
Prior to Remedy AR System 19.02, you had to configure each ARDBC LDAP source on a separate plug-in server. However, starting with Remedy AR System 19.02, you can add multiple ARDBC LDAP sources on a single plug-in server.
To add a new ARDBC LDAP source
Adding a new ARDBC LDAP source involves the following steps:
- Creating a new ARDBC LDAP configuration
- Creating a plug-in corresponding to the newly created configuration
To create a new ARDBC LDAP configuration
- Open AR System Administration Console.
- Select System > LDAP > ARDBC Configuration.
The ARDBC LDAP Configuration form is displayed.
ARDBC LDAP Configuration form
(Click the image to expand it.) - Click Create New Configuration.
- Follow the steps in the To configure the ARDBC LDAP plug-in section.
- Click Save Current Configuration.
The Create New ARDBC LDAP Component dialog box is displayed. - In the Configuration Names list, select the configuration name corresponding to the server in the server group, for which you want to add the ARDBC LDAP configuration.
- In the Component Name box, type some text, which will be used as a part of the new component name.
The component name that you provided gets appended to the selected configuration name to form a complete component name with which the new configuration is created. - Click OK.
The new configuration is saved. This configuration is listed in the Configuration column on the ARDBC LDAP Configuration form.
To create a plug-in corresponding to the newly created configuration
- In AR System Administration Console, select System > General > Plugin Server Configuration.
The Plugin Server Configuration screen is displayed.
Plugin Server Configuration screen
(Click the image to expand it.) - In the Plugin Server Instance list, select the plug-in server instance for the AR server for which the new ARDBC LDAP configuration is created.
You need to refer to step 6 to know what server you chose, and choose the plug-in server instance that hosts the AR plug-ins. Then, from the port number, you know which plug-ins this instance is hosting. The default port is 9999. - Click the Plugin Configuration tab.
- Click Create.
The Create New Plugin dialog box is displayed. In the Plugin Name box, type a name for the new plug-in.
Note
For the fields listed in step 6 through step 12, you can enter the same values as that of an existing plug-in.
- In the Plugin File Name box, type the name of the plug-in file along with the location where it is saved.
- In the Plugin Class Name box, type the class name of the plug-in.
- In the Path Elements section, click .
The following setting name is displayed in the Setting Name column:
<Plug-in Name>.pathelement.type.location - In the Setting Value column, type the value for the corresponding setting.
- In the Path Elements section, click .
The following setting name is displayed in the Setting Name column:
<Plug-in Name>.pathelement.type.location - In the preceding setting name, replace the location with path.
In the Setting Value column, type the value for the corresponding setting.
- In the User Defined Elements section, click .
A setting name is displayed in the Setting Name column. - Append
configComponentName
to the setting name. - In the Setting Value column, type the value for the corresponding setting.
The value for this setting is the name of the newly created configuration in step 8. - Click OK.
The new ARDBC LDAP source is added on the same plug-in server.
To configure the ARDBC LDAP plug-in
These are server-specific settings. In a server group environment, apply these settings on each server.
- In the AR System Administration Console, select System > LDAP > ARDBC Configuration.
The ARDBC LDAP Configuration form is displayed. - In the Host Name field, enter one or more host names of the directory service from which you want information for the vendor form. You can specify a space-separated list of host names up to 255 characters long. Starting with the first host name in the list, Remedy AR System tries to connect to each server until it is successful.
If you use Secure Socket Layer (SSL), this host name should match the name for which the server's certificate was issued. - In the Port Number field, enter a port number for this directory service. The default port number is 389. (For an SSL connection, the default is 636.)
- In the Bind User field, enter the distinguished name of the user account that the ARDBC LDAP plug-in uses to log in to the directory service. The administrator who set up the LDAP service designated this name. With the vendor form, some LDAP servers allow you to make an anonymous connection. If you plan to use an anonymous connection, leave the Bind User and Bind Password fields blank.
Otherwise, use a standard distinguished name such as cn=manager, dc=remedy, dc=com. - In the Bind Password field, enter the password for the user account. (For security, asterisks replace the characters you enter for the password.)
If you leave the Bind Name and Password fields blank, you are connected anonymously. - To use a Secure Socket Layer (SSL) connection, select Yes in the Using Secure Socket Layer field; otherwise, accept the default value No. If you select Yes, the Certificate Database field becomes active, and you can enter a certificate database as described in step 7. Because SSL requires additional setup in this form and outside Remedy AR System, you might first want to experiment without SSL and then add this option later.
- In the Certificate Database field, enter the path to the directory containing the certificate database file. Do not include the file name in the path.
To create a certificate database, see Enabling LDAP plug-ins for SSL connections postupgrade . In the LDAP Date-Time Format field, select the format to use to represent date and time to LDAP servers.
Format
Value
Description
Example: 6 a.m. Sept. 28, 2001
Generalized Time
0
YYYYMMDDHHMMSSZ This format is recognized by all LDAP servers, and it is recommended.
20010928060000Z
AD Generalized Time
1
YYYYMMDDHHMMSS.0Z This format is recognized only by Microsoft Active Directory servers.
20010928060000.0Z
UTC Time
2
YYMMDDHHMMSSZ This is a historical format and does not indicate the century. It is not recommended.
010928060000Z
For more information, see Configuring after installation.- In the Failover Timeout field, specify the number of seconds in which the directory service must respond to the plug-in server before an error is returned. The minimum value is 0 (which means the connection must be made immediately). The failover time-out cannot be set higher than the value of the Server-Plugin-Default-Timeout parameter.
In the Directory Page Size field, enter the number of entries to return in a single page to the client from the external directory server when a search request is processed.
Tip
The default Directory Page Size is 10000. However, setting Directory Page Size to a lower value, such as 1000, might help to improve your system's performance while you design and create vendor forms.
Note
Directory Page Size value should be less than or equal to the maximum page size setting on the LDAP server. For more information on ARDBC-LDAP-Page-Size, see Configuration settings A-B.In the Base DN For Discovery field, enter a base distinguished name to use instead of the root distinguished name as the basis for obtaining the list of vendor tables.
Tip
Specifying a value in the Base DN For Discovery field can help improve your system's performance while you design and create vendor forms.
- In the ARDBC Plugin Cache box, specify this ARDBC plug-in caching information:
- In the Enable field, select Yes to enable ARDBC plug-in caching.
- In the Time To Live field, specify how long data should be kept in the ARDBC plug-in cache.
In the Maximum Size field, specify the maximum size of the cache.
Tip
Enabling the ARDBC plug-in cache can help improve your system's performance at runtime.
- Click Save.
The system updates the AR System configuration settings with the parameters you specified in this form.
For more information, see Configuring after installation.
Comments
Log in or register to comment.