Lightweight Directory Access Protocol authentication

TrueSight Server Automation authentication can be based on Lightweight Directory Access Protocol (LDAP), a protocol for querying and modifying directory entries that are arranged in a hierarchical, tree-like structure.

Client-tier users are correlated to identities maintained in directories on external LDAP servers. When a TrueSight Server Automation client-tier user logs in and provides an LDAP distinguished name and password, the TrueSight Server Automation Authentication Service connects to an LDAP server to authenticate the user. If the LDAP server successfully authenticates the user, the Authentication Service issues the client a session credential. At that point a TrueSight Server Automation client application can use the session credential to establish a secure authenticated session with the Application Service or a Network Shell Proxy Service identified by the service URLs in the session credential.

To take advantage of automatic failover, users can set up a list of multiple LDAP servers that provide the same directories of user information. The Authentication Service authenticates users by contacting the first available LDAP server in the list.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*