Using LDAP authentication and authorization for the Analyzer or Collector

You can configure the BMC Real End User Experience Monitoring components to use your LDAP system to control user access. When logged on as a user with the Security or Administer role, you can configure LDAP for the Real User Analyzer and Collector, or all three, as described in the following sections.

LDAP configuration options for an Analyzer or a Collector

You can choose from the following configuration options for an Analyzer or for a Collector.

Option	Logon behavior	Procedures to perform
Use LDAP for Authentication only	Users can log on and acquire roles assigned by the Administrator. The Administrator must create the user account in the Analyzer and Collector. If roles are not assigned, and the automatic account-creation policy is enabled, users log on as Observers.	Adding an LDAP-managed account on an Analyzer or a Collector Configuring LDAP authentication for an Analyzer or a Collector
Use LDAP for authentication and authorization	LDAP users can log on and are authenticated with credentials in the LDAP server. If LDAP server groups are mapped to system roles, users log in with mapped system roles. If groups are not mapped to roles, users log on with the catch-all role.	Configuring LDAP authentication for an Analyzer or a Collector. Configuring LDAP group lookup for an Analyzer or a Collector. Configuring role-mapping rules for an Analyzer or a Collector. This procedure also describes how to set up the catch-all role.

Additional resources

Wikipedia: Lightweight Directory Access Protocol Open link

Page tree

LDAP configuration options for an Analyzer or a Collector

Related topic

Additional resources