You can integrate LDAP with your Open Manage Network Manager installation in the Portal Settings > LDAP tabs. See LDAP Portal Settings for more about LDAP integration in addition to what follows.
Before enabling the LDAP server in the Portal, you must create and assign one user from the LDAP server as Portal administrator. You cannot access the control panel without the administrator role. See How to: Make an LDAP Admin User below for details.
Make sure Import at Startup is turned off and in Password Policies, edit the default password policy and make sure that Change Required is off.
Notice that several test buttons appear in the LDAP screens, for example, Test LDAP Connection. Use these to validate your entries as you make them.
Click Add under LDAP Servers to add the specifications of your LDAP server. After configuring your LDAP server, restart the Open Manage Network Manager server, and attempt to log in as an LDAP user.
LDAP Server Settings
The following settings are required (the values below are examples only):
Base Provider URL: ldap://192.168.50.25:389
Base DN: dc=dorado-exchange,dc=oware,dc=net
The Principal user must have the necessary administrator rights in Active Directory Server or any other LDAP server.
Authentication Search Filter: (sAMAccountName=@screen_name@)
Import Search Filter: (objectClass=person)
Screen Name: sAMAccountName
In the Portal Settings > Authentication > LDAP tab:
Import / Export
Import on Startup: Disabled
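The settings above can be checked before they are typed into the portal. The following Python sketch is an added example, not part of the product or its documentation: it reviews the example values from this page and shows how a login name would be substituted for @screen_name@ with RFC 4515 escaping applied. The dictionary keys and function names are hypothetical, and how the product itself performs the substitution is not described on this page.

```python
import re
from urllib.parse import urlparse

# RFC 4515 escapes for characters that are syntax inside a filter value.
ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\0": r"\00"}
# Simplified DN shape: attr=value pairs separated by commas (no escaped commas).
DN_RE = re.compile(r"^[A-Za-z][\w-]*=[^,=]+(,[A-Za-z][\w-]*=[^,=]+)*$")
PLACEHOLDER = "@screen_name@"

def expand_auth_filter(template, screen_name):
    """Substitute a login name for @screen_name@, escaped so it stays data."""
    safe = "".join(ESCAPES.get(ch, ch) for ch in screen_name)
    return template.replace(PLACEHOLDER, safe)

def balanced(flt):
    """True if the filter is wrapped in parentheses and they all pair up."""
    depth = 0
    for ch in flt:
        depth += (ch == "(") - (ch == ")")
        if depth < 0:
            return False
    return depth == 0 and flt.startswith("(") and flt.endswith(")")

def review_settings(s):
    """Return findings for the LDAP settings described on this page."""
    findings = []
    url = urlparse(s["base_provider_url"])
    if url.scheme not in ("ldap", "ldaps") or not url.hostname:
        findings.append("Base Provider URL must be an ldap:// or ldaps:// URL")
    elif url.scheme == "ldap":
        findings.append("ldap:// is unencrypted unless StartTLS is negotiated")
    if not DN_RE.match(s["base_dn"].strip()):
        findings.append("Base DN is not a comma-separated list of attr=value pairs")
    for key in ("auth_search_filter", "import_search_filter"):
        if not balanced(s[key].strip()):
            findings.append(key + " has unbalanced parentheses")
    if PLACEHOLDER not in s["auth_search_filter"]:
        findings.append("auth_search_filter lacks the @screen_name@ placeholder")
    if s["import_on_startup"]:
        findings.append("Import on Startup should be disabled")
    return findings

# Example values copied from this page (the key names are hypothetical).
PAGE_EXAMPLE = {
    "base_provider_url": "ldap://192.168.50.25:389",
    "base_dn": "dc=dorado-exchange,dc=oware,dc=net",
    "auth_search_filter": "(sAMAccountName=@screen_name@)",
    "import_search_filter": "(objectClass=person)",
    "import_on_startup": False,
}
```

Run against the page's example values, the only finding is the unencrypted ldap:// URL on port 389, which carries the Principal's bind password as well as every user's login password.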
Make an LDAP Admin User
All users imported from an LDAP server default to the Power User role. The default Open Manage Network Manager user (login/password: admin/admin) cannot log in to Open Manage Network Manager once you enable authentication through LDAP. Therefore, you must manually assign one user from the LDAP server as Portal administrator. Here is an example of an LDAP database user with Administrator privileges:
Screen name: ITAdmin
User password: ITPassword
First Name: Scott
Last Name: Smith
You cannot import users without these five attributes into Open Manage Network Manager from an LDAP source.
Creating user ITAdmin with Administrator role:
1. As an Admin user, select Go to > Control Panel.
2. Under the Portal category, click Users, then click the Add button.
3. Fill out the User form with name and email address and so on. Remember: screen name, first name, and email address are required. Open Manage Network Manager LDAP import will not overwrite existing users.
4. When you are finished, click Save.
5. A message appears saying that the save was successful.
6. Select Password, enter the password (ITPassword), then click Save.
7. Click the Roles link. A screen appears showing the roles to which your ID is currently assigned. By default, all users are assigned the Power User role.
8. Remove the default Power User role (optional), add the administrator role for the user, then click Save.
Now you can enter LDAP server information. Please be patient; your changes may take a while to take effect.
Stopping LDAP Authentication
1. To stop authenticating through LDAP, log in as the admin user with ITAdmin/ITPassword.
2. In the control panel, go to Portal > Portal Settings > Authentication > LDAP, uncheck Enabled, then click Save.
3. After your changes have taken effect, users can log in only with credentials that exist in the Open Manage Network Manager database.