IBM Tivoli Monitoring > Version 6.3 Fix Pack 2 > Administrator's Guide > Enable user authentication > LDAP user authentication using Microsoft Active Directory
IBM Tivoli Monitoring, Version 6.3 Fix Pack 2
Plan and create monitoring server and portal server users within Active Directory
When creating Active Directory users for either the Tivoli Enterprise Monitoring Server or the Tivoli Enterprise Portal Server, do the following:
- (Optional) Create the OU hierarchy for monitoring server and portal server users.
See Figure 1. Use the Microsoft Management Console's (MMC) snap-in ADSI Edit.
- Create the monitoring server and portal server users (and, optionally, groups) in Active Directory.
See Figure 2. Use the MMC AD Users and Computers function.
- Apply the desired User/Group Policies to the new Active Directory users and groups.
Use the MMC snap-in for GPO.
No user synchronization currently exists between Tivoli Monitoring and LDAP. User accounts can be synchronized with scripting. Use Active Directory scripting for maintaining an awareness of User account modifications (limited to the OU that applies to IBM Tivoli Monitoring). These detected modifications can then be made to the Tivoli Monitoring users via the CLI tacmd command and to the Active Directory users with scripting. You will need to run your user synchronization script as a scheduled action as frequently as your environment requires to ensure the Tivoli Monitoring and Active Directory users remain synchronized.
Parent topic:
LDAP user authentication using Microsoft Active Directory