How to use a Custom Mapping in EEM External Directory configuration to change the Directory Server Attribute used by EEM for User Name and for Login purposes?

Document ID : KB000050378
Last Modified Date : 14/02/2018
Show Technical Document Details

Description:

Using Active Directory as an example, the following shows how to use a Custom Mapping to modify the Directory Server Attribute EEM utilizes to identify users.

The following example uses Active Directory, but the information can be applied to other Directory Servers and other Attributes as needed.

Solution:

By default the EEM Active Directory configuration utilizes the sAMAccountName as the EEM user's Username and for authentication. In some

environments changing to another identifier is necessary, such as userPrincipalName.

To achieve this, EEM allows for Custom Mapping Directory Attributes.

  1. Log into EEM as the EiamAdmin user.

  2. Select the Configure Tab, Click on EEM Server, and select Global Users / Global Groups.

  3. Change the "Type" from Active Directory to Custom Mapping, and the "Label in Use:" to Microsoft Active Directory.

  4. Complete the rest of the configuration and verify that the Bind is successful.

  5. Click the "Label" folder to the right of the Type drop down.

    Figure 1

  6. Change the User Name user Attribute from sAMAccountName to userPrincipalName.

  7. Save and verify that the bind and load is successful.

EEM will now be using the Active Directory userPrincipalName for the EEM User Name attribute and for the users login into EEM.