Important

   

This space contains documentation for TrueSight Server Automation 8.9.03 and the later service packs for 8.9. For earlier releases, see BMC Server Automation 8.9.

Lightweight Directory Access Protocol authentication

TrueSight Server Automation authentication can be based on Lightweight Directory Access Protocol (LDAP), a protocol for querying and modifying directory entries that are arranged in a hierarchical, tree-like structure.

Client-tier users are correlated to identities maintained in directories on external LDAP servers. When a TrueSight Server Automation client-tier user logs in and provides an LDAP distinguished name and password, the TrueSight Server Automation Authentication Service connects to an LDAP server to authenticate the user. If the LDAP server successfully authenticates the user, the Authentication Service issues the client a session credential. At that point a TrueSight Server Automation client application can use the session credential to establish a secure authenticated session with the Application Service or a Network Shell Proxy Service identified by the service URLs in the session credential.

To take advantage of automatic failover, users can set up a list of multiple LDAP servers that provide the same directories of user information. The Authentication Service authenticates users by contacting the first available LDAP server in the list.

Was this page helpful? Yes No Submitting... Thank you

Comments