Skip to Content
Information
Unsupported content This version of the documentation is no longer supported. However, the documentation is available for your convenience. You will not be able to leave comments.

Lightweight Directory Access Protocol authentication

BMC Server Automation authentication can be based on Lightweight Directory Access Protocol (LDAP), a protocol for querying and modifying directory entries that are arranged in a hierarchical, tree-like structure.

Client-tier users are correlated to identities maintained in directories on external LDAP servers. When a BMC Server Automation client-tier user logs in and provides an LDAP distinguished name and password, the BMC Server Automation Authentication Service connects to an LDAP server to authenticate the user. If the LDAP server successfully authenticates the user, the Authentication Service issues the client a session credential. At that point a BMC Server Automation client application can use the session credential to establish a secure authenticated session with the Application Service or a Network Shell Proxy Service identified by the service URLs in the session credential.

To take advantage of automatic failover, users can set up a list of multiple LDAP servers that provide the same directories of user information. The Authentication Service authenticates users by contacting the first available LDAP server in the list.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*

BMC Server Automation 8.3