Unsupported content This version of the product is in limited support. However, the documentation is available for your convenience. You will not be able to leave comments.

Creating a directory server

  1. Select Global Settings> Directory Servers in the left window pane.
  2. Select Edit> Create Directory Serverdirectory_servers_create.png
     The Properties window appears displaying the values for the directory server it has found on the master's domain.

  3. Enter the required missing information into the respective boxes or modify the preselected values to those of another directory server to add.

    Parameter

    Description

    Name

    Enter the user-friendly name of the directory server, under which it is known, into this field. This name may be any combination of characters.

    Notes

    Free text field that may be edited to display general information about the object and its contents.

    Directory Server Proxy

    Specify the device to be defined as the directory server proxy by clicking the Select a Device icon to the right.

    Type

    Select from this dropdown list the type of directory server that is to be defined. Based on the directory type, the other options are populated. The options include:

  4. Specify the credentials as required. The options include:
    • Anonymous Access: Check this radio button if you want to log on to the directory server with an anonymous login. Depending on the ACL lists of the server you may or may not be allowed to connect and/or synchronize. For security reasons it is recommended to not use this option. Checking this option is the same as using an authenticated access without specifying a user and password.
    • Authenticated Access: Check this radio button to log on to the directory server with a specific user login. The two fields below becomes accessible and need to be filled in:
      • User: Defines the name uniquely identifying the user:
        • sAMAccountName notation. For example, DOMAINUser. This is the recommended syntax.
        • LDAP notation: For example, cn=username, cn=usergroup where username is the user you wish to connect as, and usergroup is the folder that contains username in LDAP/Active Directory Users and Computers
        • as the simple user name. For example, administrator (may be used if it is a login of the local AD domain and the server is entered as an IP address or short network name. If the AD is entered as a long network name if the login is a user in the specified domain).
        • UPN notation. For example, user@domain.com (for users in other than the AD domain).
      • Password: Enter the password for the directory server into this field through which the above defined user may access it. Be sure to enter the correct password, otherwise the directory server cannot be accessed from the Console. For security reasons the password is displayed in the form of asterisks (*).
  5. Check that the entered values are correct by clicking the Test Login button.
  6. Click OK to confirm.
    A new directory server with the specified data was created.

List of supported directory servers

MS Active Directory

Parameter

Description

AD Server Name

Enter the known network name of the directory server in this field. This value may be either the complete (recommended) or short network name, such as scotty.bridge.enterprise.com or scotty , or it may be the IP address of the server in its dotted notation, for example, 175.175.2.1 or 2001:db8:85a3::8a2e:370:7334 .

Port Number

Enter the number of the port in this field at which the directory server database may be accessed (389 by default).

Alias

The name of the eDirectory tree to which you want to connect. It corresponds to the client field of the same name provided by Novell in the Advanced settings; it is the same as an Active Directory Alias and may be required in certain cases. A user of context europe.world.enterprise.com may for example be part of a tree called Americas in which exists a unit USA .

IBM Domino

Parameter

Description

Domino Server Name

Enter the known network name of the directory server in this field. This value may be either the complete (recommended) or short network name, such as scotty.bridge.enterprise.com or scotty , or it may be the IP address of the server in its dotted notation, for example, 175.175.2.1 or 2001:db8:85a3::8a2e:370:7334.

Port Number

Enter the number of the port in this field at which the directory server database may be accessed (389 by default).

Organizational Unit

The name of the Domino organizational unit to which the user belongs, similar entity to the alias and OU of Directory Server, for example, a Domino directory of which the organization name is World and which includes the organizational units Americas , Europe and Asia.

LDAP Server

Parameter

Description

LDAP Server Name

Enter the known network name of the directory server in this field. This value may be either the complete (recommended) or short network name, such as scotty.bridge.enterprise.com or scotty , or it may be the IP address of the server in its dotted notation, for example, 175.175.2.1 or 2001:db8:85a3::8a2e:370:7334 .

Port Number

Enter the number of the port in this field at which the directory server database may be accessed (389 by default).

Base DN

Enter the unique name of the base DN to which you want to connect. The base DN is the entry point to the directory organization and different from all others. You can enter this value either in LDAP or UNC format. For example: the entry world.entreprise.com of Active Directory can be entered in LDAP notation as dc=world, dc=enterprise, dc=com or as world.enterprise.com in UNC notation.

Domain Alias

The name of the eDirectory tree to which you want to connect. It corresponds to the client field of the same name provided by Novell in the Advanced settings; it is the same as an Active Directory Alias and may be required in certain cases. A user of context europe.world.enterprise.com may for example be part of a tree called Americas in which exists a unit USA.

Linux LDAP servers

When you add an LDAP server which is running on Linux, you might be unable to connect to the LDAP server. When you click Test Login, you might see the result Initialization of LDAP library failed. This is caused by being unable to locate the ./libldap.so and ./liblber.so libraries.

You can workaround this problem by creating symbolic links to the library and restarting the BCM agent. For example, on CentOS 7, as root, enter the following commands:

ln -s /usr/lib64/libldap-2.4.so.2.10.3 /usr/local/bmc-software/client-management/client/bin/libldap.so
ln -s /usr/lib64/liblber-2.4.so.2.10.3 /usr/local/bmc-software/client-management/client/bin/liblber.so
/etc/init.d/BMCClientManagementAgent stop
/etc/init.d/BMCClientManagementAgent start


Novell eDirectory

Parameter

Description

eDirectory Server Name

Enter the known network name of the directory server in this field. This value may be either the complete (recommended) or short network name, such as scotty.bridge.enterprise.com or scotty , or it may be the IP address of the server in its dotted notation, for example, 175.175.2.1 or 2001:db8:85a3::8a2e:370:7334 .

Port Number

Enter the number of the port in this field at which the directory server database may be accessed (389 by default).

Context

The name of the context that is to be referred in eDirectory. It corresponds to the client field of the same name provided by Novell in the Advanced settings and is the same as a complete domaine name in Active Directory. A context called world.enterprise.com that redirects to the directory part referencing the desired user.

Tree

The name of the eDirectory tree to which you want to connect. It corresponds to the client field of the same name provided by Novell in the Advanced settings; it is the same as an Active Directory Alias and may be required in certain cases. A user of context europe.world.enterprise.com may for example be part of a tree called Americas in which exists a unit USA .

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*