In Spectrum/EEM integration you can configure the users in Active directory and use EEM to authenticate the Spectrum user login from external Active Directory.
You may want to search for AD users in EEM for different reasons. Due to misconfigurations in EEM the search output might not give you the user information even if the user exists in the Active Directory.
This solution helps you prepare the configurations in EEM so that you get the desired output.
When you are searching for an AD user in EEM , the user can be case-sensitive or case - insensitive. We need to perform the search accordingly depending on these configurations.
Searches can be of 2 types
- If the user in Active directory is upper case and the user in EEM is lower case then the cache global users option under EEM console should be unchecked. If this is check marked , EEM will search for users based on case sensitivity and the user info doesn't appear in the output even if the user exists in Active directory.
- Now if you are interested in case sensitivity and the users are same in EEM and AD , the cache global users option can be checked or unchecked.
Now you might get a question about the "save" option available in the user output window under EEM.
Spectrum creates application groups in EEM with the Spec/EEM integration.
When an AD user is added to this group in EEM then you are required to do the save.
This will allow the user and the user/group mappings to be saved in EEM locally. No other credentials are saved.
In this scenario if the AD goes down then users will not be able to login to Spectrum as EEM will only have the user information and not thecredentials.