Configuring authentication for Remedy SSO administrators
Internal authentication is configured as the default method for logging in to the Remedy SSO Admin Console. Only administrators created on the Remedy SSO server by default can log in to the Admin Console.
In addition to the default Internal authentication, Remedy SSO provides a possibility for assigning external LDAP administrators as Remedy SSO administrators.
You have the following options for configuring Remedy SSO admin users authentication:
- You can use the default Internal authentication method to authenticate administrators.
You can specify the Internal authentication type only once in a chain. - You can use both methods of authentication by adding LDAP authentication method into a chain with the default Internal method. You can set LDAP authentication multiple times in an authentication chain.
- You can disable Internal authentication and use only LDAP authentication by adding LDAP method into an authentication chain, and then removing the Internal type from the authentication chain.
To configure admin authentication through an external LDAP directory
- In the Remedy SSO Admin Console, click General > Admin Authentication.
Click Add authentication.
To configure LDAP authentication for external administrators, complete the following fields:
Field Description Server Host Host name of the LDAP server. You can specify more than one LDAP server by providing a comma-separated list of servers. If the first server is unavailable, the Remedy SSO server switches to the second one and so on.
Server Port Port number for the LDAP server, such as 389. Bind DN The distinguished name (DN) of a bind LDAP user.
For example:
CN=Administrator, CN=Users, DC=example, DC=com
This user must have privileges to search the directory.
Bind Password Password for the bind LDAP user.
Users Base DN Starting location within the LDAP directory for performing user searches.
For example:
CN=Users, DC=example, DC=com
User Search Filter The LDAP query to search for the user to be authenticated who has rights to use the admin resources in Remedy SSO.
The user login ID is specified by the
$ADMIN$
keywordFor example:
(&(objectCategory=user)(sAMAccountName=$ADMIN$)(memberof=CN=RSSOAdmin,OU=Users,DC=example,DC=com))
.Identity Attribute Enter the LDAP attribute to be used as the login ID of the administrator.
For example:
sAMAccountName
- Click Save.
To disable Internal authentication
Note
You can disable the Internal authentication method only if you have LDAP authentication method added to the chain.
- In the Remedy SSO Admin Console, click General > Admin Authentication.
Select the Internal authentication method in the List of Authentications, and then click the Delete Authentication icon.
- Click Save
Comments
Log in or register to comment.