LDAP direct connection Trying to Setup an LDAP direct Connection

Document ID : KB000010711
Last Modified Date : 14/02/2018
Show Technical Document Details
Introduction:

Trying to Setup an LDAP direct Connection

 

 

Does CA has an example file of the hserver.arg with exemplary entries. 

Background:

Harvest supports OPENLDAP authentication, all LDAP information however is the responsibility of the customer.

 

It is suggested to collaborate with your LDAP administrator then modify the HServer.arg appropriately then restart the broker for changes to take affect. Also recommended to keep mixedmode authentication so that at least one Harvest administrator log in will still work in instances of LDAP failure.

Instructions:

See some suggestions:

 

Here is a white paper example of LDAP changes in the HServer.arg that also uses mixed authentication mode:

-mixedauthmode=1

-authmode=openldap

-ldapserver="<yourldapservername>"

-ldapport=389

-ldapbinddn="CN=Administrator,CN=Users,DC=cascm,DC=ca,DC=com"

-ldapbindpw="<yourldappasswordtoconnecttotheldapserver>"

-ldapbasedn="DC=cascm,DC=ca,DC=com"

-ldapfilter="(&(objectclass=person)(sAMAccountName=<sAMAccountName>))"

-ldapattrusrname="sAMAccountName"

-ldapmode=none

-ldapattrusrfullname=cn

 

 

The LDAPDiag freeware utility from CA may help in this issue.

It can be used in conjunction with the customer's LDAP changes in HServer.arg to build automatically the hauthtest commandline.

 

It can be found, understanded and downloaded from here: https://communities.ca.com/thread/241745212