Configuring an external LDAP connection


Configuring an external LDAP connection allows your users to log on to your BMC AppZone store using their existing Microsoft Active Directory credentials.

When a user logs in, BMC AppZone first tries to authenticate the user using the LDAP configuration. If authentication succeeds, the user is granted access to your store. If authentication fails for any reason, BMC AppZone authenticates the user against the local identity information stored in the BMC AppZone Database.

To configure an LDAP connection

  1. From the BMC AppZone Administration Console, click Store and click External LDAP.
    The External LDAP page appears.
  2. Click Configure.
    The External LDAP Configuration page appears.
  3. In the Enable External Directory field, select the Enable LDAP check box.
  4. In the Server Configuration fields, specify the following required information:
    • Server URL (Host Name) [connection URL to use when connecting to the directory server]
    • Port

      Note

      By default, port 389 is specified. Port 389 is an unsecured port. If you choose to have an encrypted server connection, then you must supply a secured port number.

    • Encrypted (select this field for encrypted connections)
    • Base DN (root distinguished name [RDN] for the base of the target schema where searching for user entries will start)
  5. In the Authentication Configuration fields, specify the following required information used when importing user data:
    • Bind DN (admin user account used to connect to the directory server)
    • Password (password for the admin user)
  6. Click Test Connection to ensure all information is entered correctly. 
  7. In the Attribute Value Customization fields, specify the following required information:
    • First Name Attribute

      Note

      By default, givenname is specified. If your infrastructure uses a custom attribute, enter it here.

    • Last Name Attribute

      Note

      By default, sn is specified. If your infrastructure uses a custom attribute, enter it here.

    • Email Attribute

      Note

      By default, mail is specified. If your infrastructure uses a custom attribute, enter it here.

  8. Click Add to save this configuration.
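The values from steps 4 through 7 can be checked from the BMC AppZone server before they are entered in the form. The script below is an added example, not BMC code: it rejects the Encrypted/port 389 mismatch described in the note, checks the DN syntax, and prints an OpenLDAP `ldapsearch` command that reads the three default attributes. The host name, DNs, the `jdoe` account, port 636 and the lookup by `sAMAccountName` are assumptions.

```shell
#!/bin/sh
# Added example: pre-flight check for the values entered in steps 4-7.
# Host name, DNs and the sample account are constructed placeholders.

# check_transport PORT ENCRYPTED(yes|no): 0 = encrypted on a secured port,
# 1 = inconsistent input, 2 = accepted by the form but not encrypted.
check_transport() {
    case "$2:$1" in
        yes:389) echo "FAIL: Encrypted is selected but port 389 is the unsecured default"; return 1 ;;
        yes:*)   echo "OK: encrypted connection on port $1"; return 0 ;;
        no:*)    echo "WARN: connection on port $1 is not encrypted"; return 2 ;;
        *)       echo "FAIL: Encrypted must be yes or no"; return 1 ;;
    esac
}

# check_dn VALUE: every comma-separated component must be attr=value.
# Escaped characters such as "\," inside a value are accepted.
check_dn() {
    printf '%s\n' "$1" | grep -Eq '^[A-Za-z][A-Za-z0-9-]*=([^,=\\]|\\.)+(,[A-Za-z][A-Za-z0-9-]*=([^,=\\]|\\.)+)*$'
}

# attribute_probe HOST PORT ENCRYPTED BASE_DN BIND_DN USER: print the ldapsearch
# command to run by hand; -W prompts for the password instead of taking it inline.
attribute_probe() {
    [ "$3" = yes ] && ap_scheme=ldaps || ap_scheme=ldap
    printf "ldapsearch -x -LLL -H %s://%s:%s -D '%s' -W -b '%s' -s sub '(sAMAccountName=%s)' givenname sn mail\n" \
        "$ap_scheme" "$1" "$2" "$5" "$4" "$6"
}

# preflight HOST PORT ENCRYPTED BASE_DN BIND_DN USER: run every check and
# print the probe command unless a check failed outright.
preflight() {
    pf_rc=0
    check_transport "$2" "$3" || pf_rc=$?
    if [ "$pf_rc" -eq 1 ]; then return 1; fi
    check_dn "$4" || { echo "FAIL: Base DN is not in attr=value,... form"; return 1; }
    check_dn "$5" || { echo "FAIL: Bind DN is not in attr=value,... form"; return 1; }
    attribute_probe "$@"
    return "$pf_rc"
}

# Constructed sample values; 636 is the conventional LDAPS port.
preflight dc01.example.com 636 yes 'DC=example,DC=com' \
    'CN=svc-appzone,OU=Service Accounts,DC=example,DC=com' jdoe
```

If the printed command returns no `givenname`, `sn` or `mail` value for a known user, the directory uses custom attributes and the fields in step 7 need to be changed.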

 

Note

You must ensure that the server on which you install BMC AppZone is allowed to communicate with the external LDAP server. Verify that both the IP address and the port of the server are included in the authentication policies of the LDAP server. Visit http://support.citrix.com/proddocs/topic/access-gateway-92/agee-ldap-authen-configure-tsk.html for more information.

Where to go from here

After the LDAP connection is configured, you can onboard employees into your store by selecting People and Add LDAP Users. For more information, see To invite users through Active Directory.

 

 
