Unsupported content This version of the product is in limited support. However, the documentation is available for your convenience. You will not be able to leave comments.

Configuring authentication for Remedy SSO administrators

Internal authentication is configured as the default method for logging in to the Remedy SSO Admin Console. Only administrators created on the Remedy SSO server by default can log in to the Admin Console.

In addition to the default Internal authentication, Remedy SSO provides a possibility for assigning external LDAP administrators as Remedy SSO administrators. 

You have the following options for configuring Remedy SSO admin users authentication:

  • You can use the default Internal authentication method to authenticate administrators. 
    You can specify the Internal authentication type only once in a chain.
  • You can use both methods of authentication by adding LDAP authentication method into a chain with the default Internal method. You can set LDAP authentication multiple times in an authentication chain.
  • You can disable Internal authentication and use only LDAP authentication by adding LDAP method into an authentication chain, and then removing the Internal type from the authentication chain.


Related topics

Configuring-the-Remedy-SSO-server

Setting-up-Remedy-SSO-administrator-accounts

To configure admin authentication through an external LDAP directory

  1. In the Remedy SSO Admin Console, click General > Admin Authentication.
  2. Click Add authentication.

  3. To configure LDAP authentication for external administrators, complete the following fields:

    Field

    Description

    Server Host

    Host name of the LDAP server. You can specify more than one LDAP server by providing a comma-separated list of servers. If the first server is unavailable, the Remedy SSO server switches to the second one and so on.

    Server Port

    Port number for the LDAP server, such as 389.

    Bind DN

    The distinguished name (DN) of a bind LDAP user.

    For example: CN=Administrator, CN=Users, DC=example, DC=com

    This user must have privileges to search the directory.

    Bind Password

    Password for the bind LDAP user.

    Users Base DN

    Starting location within the LDAP directory for performing user searches.

    For example: CN=Users, DC=example, DC=com

    User Search Filter

    The LDAP query to search for the user to be authenticated who has rights to use the admin resources in Remedy SSO.

    The user login ID is specified by the $ADMIN$ keyword

    For example:(&(objectCategory=user)(sAMAccountName=$ADMIN$)(memberof=CN=RSSOAdmin,OU=Users,DC=example,DC=com)).

    Identity Attribute

    Enter the LDAP attribute to be used as the login ID of the administrator.

    For example: sAMAccountName

  4. Click Save.

To disable Internal authentication

Note

You can disable the Internal authentication method only if you have LDAP authentication method added to the chain.

  1. In the Remedy SSO Admin Console, click General > Admin Authentication.
  2. Select the Internal authentication method in the List of Authentications, and then click the Delete Authentication icon.
  3. Click Save

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*