If the groups in your LDAP server correspond to the user roles in the Real User Analyzer or Real User Collector components, you can map those groups to the user roles. Mapping LDAP groups to user roles enables you to manage your user permissions for the Analyzer and Collector from your LDAP server. Should some of the users in the LDAP group require a different permission, you can override the group permission for those users.
Users in any LDAP group that is not mapped to a role are assigned the catch-all user role when they attempt to log on. By default, the catch-all role is No Access, which prohibits access to the system.
This topic describes how you can perform the following procedures:
Note
You can also perform the following procedures on the Real User Monitor.
On the Analyzer or Collector, point to Administration > General Settings, and then click Accounts & LDAP management., and select the Role mapping view.
On the Analyzer or Collector, point to Administration > General Settings > Accounts & LDAP Management, select LDAP Settings, and select the Accounts view.
Note
If an account is deleted while its user is logged on, the session terminates after the user's next action.
Configuring LDAP authentication for an Analyzer or a Collector
Configuring LDAP group lookup for an Analyzer or a Collector
Adding an LDAP-managed account on an Analyzer or a Collector