This documentation supports the 23.3 version of BMC Helix Change Management.To view an earlier version, select the version from the Product version menu.

Configuring LDAP with TMS on the AR System server

As an administrator, you can configure LDAP with the Task ManagementSystem (TMS) on the Action Request System.

LDAP configuration with TMS on the Action Request System is done in two steps. First, the connection to the designated LDAP server is configured through ARDBC LDAP Configuration form with AR System User or a browser. The next step is to edit the TMS:LDAPUser and TMS:LDAPGroup forms in Developer Studio. This procedure also covers integration with the Sun ONE directory server.

For more information about LDAP plug-ins, see LDAP plug-ins in AR System in the Action Request System online documentation.

Important

You must be a Action Request System administrator user to perform this procedure.

To configure Active Directory Application Mode (AD/ADAM) Directory Servers

  1. Log in to Mid Tier.
  2. Open the object-list.
  3. Search for and select the ARDBC LDAP form.
  4. Enter the LDAP server to use to relate the LDAP users and groups, and then click Save.
  5. Log in to Developer Studio.
  6. In the Servers list, select your server name, and then select the Forms option.
  7. Select Edit > Find, enter TMS:LDAPUser, and click Find.
  8. Select the form, and then select Form > Form Properties.

  9. On the Vendor Information tab, replace the Table Name with the LDAP host and the Base DN for your LDAP configuration.
    For example, replace the Table Name with the following value:

    ldap://172.23.237.64:389/
    cn=users,dc=example,dc=com??sub?(objectclass=user)

    For Sun ONE directory server, use the following values:

    ldap://172.23.237.64:389/
    ou=people,dc=example,dc=com??sub?(objectclass=inetorgperson)
  10. Because the distinguishedName property is not available for Sun ONE directory server, to get the Full DN, configure the entrydn property.
    1. In the TMS:LDAPUser form, double-click the distinguishedName field.
    2. In the Field Properties dialog box, click the Database tab.
    3. In the Name field, enter entrydn.
    4. Click Save.
  11. Click OK to save your changes.
  12. Close the TMS:LDAPUser form, and then open the TMS:LDAPGroup form.
  13. Select Form > Form Properties.

  14. On the Vendor Information tab, replace the Table Name with the LDAP host and the Base DN for your LDAP configuration.
    For example, replace the Table Name with the following value:

    ldap://172.23.237.64:389/
    cn=users,dc=example,dc=com??sub?(objectclass=group)

    For Sun ONE directory server, use the following values:

    ldap://172.23.237.64:389/
    ou=people,dc=example,dc=com??sub?((objectclass=groupofnames)
    (objectclass=groupofuniquenames))
  15. Because the distinguishedName property is not available for Sun ONE directory server, to get the Full DN, configure the entrydn property.
    1. In the TMS:LDAPUser form, double-click the distinguishedName field.
    2. In the Field Properties dialog box, click the Database tab.
    3. In the Name field, enter entrydn.
    4. Click Save.
  16. Click OK to save your changes.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*