Creating an LDAP-managed account


To authenticate access on the Real User Analyzer through an LDAP server, you must map groups on your LDAP server to specific Excerpt named varprodname was not found in document xwiki:IT-Operations-Management.Operations-Management.BMC-Real-End-User-Experience-Monitoring.EUEM20._inclusionsLibrary.varProdName.WebHome. roles. This topic provides the following procedures that you can use to provide access to the Real User Analyzer.


Before you begin

You must have enabled the LDAP service on the Real User Analyzer, as described in selecting an account-management model.

To add a hybrid LDAP account on the Analyzer

This procedure adds an Operator account that is authenticated by LDAP, but you assign the individual user role as you add accounts. You can use this procedure if you selected to use LDAP authentication and Local authorization.

The macro unmigrated-inline-wiki-markup from Confluence is no longer available.

  1. In a Real User Analyzer, point to Administration > General Settings > Accounts & LDAP Management, and then select Accounts.
  2. On the Action menu, click Add an Account.
  3. In the User Name box, enter the name for the account, for example, MyOperator.
  4. In the Authentication list, select LDAP.
  5. In the Role list, select Operator.
  6. Click Save.

To overrride LDAP mapping for a single user on the Analyzer

In the LDAP database, suppose that the user name is listed as MyUser and is a member of a group called Admins. This LDAP group is mapped to the Administrator role on this BMC Real End User Experience Monitoring device. This procedure gives access to the user as an Observer (so you must override the mapped role).

The macro unmigrated-inline-wiki-markup from Confluence is no longer available.

  1. In a Real User Analyzer component, point to Administration > General Settings > Accounts & LDAP Management, select LDAP Settings, and select the Accounts view.
  2. On the Action menu, click Add an account.
  3. In the User Name box, type MyObserver.
  4. Select the Authentication type LDAP.
  5. Select Override role mapping and then select Observer.
  6. Click Save.

Note

If an account is deleted while its user is logged on, the session terminates after the user's next action.

To set the "catch-all" role-mapping

This procedure sets a default level of access to your BMC Real End User Experience Monitoring system for LDAP groups that do not have a specific role-mapping rule.

The macro unmigrated-inline-wiki-markup from Confluence is no longer available.

  1. In a Real User Analyzer component, point to Administration > General Settings, click Accounts & LDAP management, and select the Role mapping view.
  2. On the Action menu, click Add/Edit.
  3. In the All others row, select a catch-all role for LDAP groups that are not specifically identified with a Excerpt named varprodname was not found in document xwiki:IT-Operations-Management.Operations-Management.BMC-Real-End-User-Experience-Monitoring.EUEM20._inclusionsLibrary.varProdName.WebHome. role, or select No access.
  4. Click Save.

Related topics

Configuring-LDAP-authentication-for-the-Console
Configuring-LDAP-authentication-for-the-Analyzer-and-Collector
Configuring LDAP group lookup (for the Analyzer) 

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*