IBM Tivoli Monitoring > Version 6.3 Fix Pack 2 > Administrator's Guide > Enable user authentication > LDAP user authentication using Microsoft Active Directory > User scenarios > Authenticate portal server userids with Microsoft Active Directory
IBM Tivoli Monitoring, Version 6.3 Fix Pack 2
Define the LDAP user registry in the Integrated Solutions Console
When using the Integrated Solutions Console to define the LDAP user registry, follow these steps:
- On the left side of the primary Integrated Solutions Console screen, expand the list of Security options, and select Global security. The Global security panel is displayed.
- Under the User account repository section, click Configure.
- From the Configuration tab, click Manage Repositories at the bottom under Related Items to open the screen where you can define your LDAP user registry:
Figure 1. The Integrated Solutions Console Configuration notebook tab
- On the Manage repositories screen, click Add:
Figure 2. The Integrated Solutions Console Manage repositories screen
The General Properties screen, shown in Figure 3, is displayed. This is where you supply the information that defines the location and configuration of your LDAP user registry.
Figure 3. The Integrated Solutions Console General Properties screen
- Complete this screen with the following information:
When you have completed this page, click OK. The verification screen is shown:
- Repository identifier
- A freeform name for the registry, in this case simply LDAP.
- Primary host name
- Hostname of the LDAP server, in this case adhost.company.com.
- Port
- Port the LDAP Server is listening on. In this example, 389 is the valid value.
- Bind distinguished name
- The full LDAP Distinguished Name of the Bind ID. In this case, the full LDAP Distinguished Name for the svc.tivolisec account that your site's LDAP administrator supplied is CN=svc.tivolisec,OU=ServiceAccount,DC=us,DC=global,DC=company
,DC=com.
- Bind password
- The password for that Bind ID.
- Login properties
- The login properties to use for that Distinguished Name, in this case the mail property.
Figure 4. The Integrated Solutions Console verification screen
- Click Save.
Your site's LDAP user registry is now defined.
Parent topic:
Authenticate portal server userids with Microsoft Active DirectoryPrevious topic: Enable TEPS/e administration
Next topic: Add your LDAP user registry to the eWAS realm