2012-03-12 02:01 PM
I am looking for instructions for configuring the LDAP settings dialog in the OnCommand insight report tools.
I would like users in a Windows 2003 or 2008 Active Directory to be able to log in /authenticate to view / create reports. Can someone suggest recommended values for the LDAP settings dialog? Thanks
Solved! SEE THE SOLUTION
2012-03-12 11:34 PM
Check the attached screenshots for reference. The screenshot provides an example of the parameters to be provided for AD configuration.
Here are the fields which require changes/inputs. Rest of the fields can be left with the default values shown.
1.) User principal Name – The value is generally “sAMAccountName” for Active Directory.
2.) LDAP Server – IP address of the LDAP server. Remember to give “ldap://” before the ip address.
3.) Domain – Domains configured in the Active directory server.
4.) Server Administrators – The group within the active directory server whose members can be allowed to work with admin portal.
5.) Report authors - The group within the active directory server whose members can be allowed to work with reporting portal with reporting author role.
6.) Report viewers - The group within the active directory server whose members can be allowed to work with reporting portal with reporting viewer role.
7.) Directory look up user – The name of the user who has credentials to perform lookup in the active directory.
8.) Directory look up password – The password of the directory look up user.
2013-06-03 07:59 AM
Once LDAP is setup, and the groups are listed using the distinguished name of the group, how does the user login? [domain]\[username] or [username]?
Do I have to create a user under general settings for the people in the Active Directory group?
2013-09-12 06:30 PM
It should be [domain]\[username] OCR is like most things very particular about it's LDAP config. You might have to check the group settings, this is where I went wrong.
2013-12-04 03:00 PM
Nevermind, after re-looking at the screens and comparing them I found I missed DC=domain ( forgot to change it to the actual domain), and I also still had UserPrincipleName instead of sAMAccountName. Once I changed those 2 and resaved I can log in now w/ active directory. Hope that helps someone else out.