Example of Active Directory configuration
You need Active Directory Windows servers to connect to for authentication and for setting up the certificate trust store that is required for secure LDAP connections.
An example of an Active Directory setup that is used with Console Management is as follows:
The following table explains the authentication accounts and the Tomcat roles:
Name | Type | Description |
---|---|---|
AppIDs | Organizational Unit | Service account that is used for administrator authentication |
Domain Users | Organizational Unit | Human (administrator) accounts for domain users |
MVCM-Roles | Organizational Unit | Includes the four Console Management roles that are created as security groups. Keeping the roles in their own OU minimizes the amount of information that Tomcat picks up when searching for administrator roles. |
AppIDs Organizational Unit
The following example displays the AppIDs Organizational Unit (OU), which in this case has just the service account dedicated for accessing Console Management LDAP.
Domain Users Organizational Unit
The following example displays the Domain Users OU, which in this case has various test accounts:
MVCM-Roles Organizational Unit
The following example displays the MVCM-Roles OU, which has the four defined Console Management roles.
You can grant administrator permissions to individual Windows users by making them members of one or more of the roles that are defined as Active Directory security groups.
The following example displays a test user MVCM All (mvcmall) who has access to all the configuration areas.
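
How the three OUs above could map onto a Tomcat `JNDIRealm`, as an added example that is not taken from the product documentation. It assumes that Console Management authenticates through a standard Tomcat `JNDIRealm`; the domain `example.com`, the host `dc01.example.com`, the service account name `svc-mvcm` and the password placeholder are constructed.

```xml
<!--
  Constructed example. Assumed values, not from the product:
    example.com / dc01.example.com   AD domain and domain controller
    svc-mvcm                         service account in the AppIDs OU
  The OU names (AppIDs, Domain Users, MVCM-Roles) are the ones in the table.

  connectionURL    ldaps on port 636, so the bind password and search
                   results are encrypted in transit.
  connectionName   the dedicated service account from the AppIDs OU,
                   used only to bind and search.
  userBase         limits user lookups to the Domain Users OU.
  userSearch       matches the Windows logon name typed at sign-in.
  roleBase         limits role lookups to the MVCM-Roles OU, so only the
                   Console Management security groups become Tomcat roles.
  roleSearch       finds groups whose member attribute holds the user's DN.
  roleSubtree      false: look only directly inside MVCM-Roles.
-->
<Realm className="org.apache.catalina.realm.JNDIRealm"
       connectionURL="ldaps://dc01.example.com:636"
       connectionName="CN=svc-mvcm,OU=AppIDs,DC=example,DC=com"
       connectionPassword="REPLACE_WITH_SERVICE_ACCOUNT_PASSWORD"
       userBase="OU=Domain Users,DC=example,DC=com"
       userSearch="(sAMAccountName={0})"
       userSubtree="true"
       roleBase="OU=MVCM-Roles,DC=example,DC=com"
       roleName="cn"
       roleSearch="(member={0})"
       roleSubtree="false" />
```

The `ldaps://` connection succeeds only if the JVM that runs Tomcat trusts the certificate chain presented by the domain controller, which is what the certificate trust store is for.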