4.1 Preparing the LDAP Directory

Cloud Manager authenticates users via a supported LDAP directory service, either Microsoft Active Directory or Novell eDirectory. Cloud Manager users must have an account in the directory and be a member of the Cloud Manager user group.

4.1.1 Identifying the User Search Base

Cloud Manager requires you to specify a search base for users. When authenticating a user, Cloud Manager checks only the users contained within the search base.

As you identify the search base, consider the following:

  • If you plan to use an existing directory for authentication, you will need to set the search base to a container that encompasses the users who require access to Cloud Manager.

  • If you plan to set up a new directory, you can structure the directory to maximize efficiency by placing the users in one container (a flat structure) and specifying the container as the search base. If you need to support multiple departments, organizations, or companies, you can create separate containers for each and set the search base above the containers.

You supply the search base when configuring the LDAP connection in Cloud Manager. Make sure you know the DN of the search base (for example, cn=Users,dc=MyCompany,dc=com).

4.1.2 Resolving Duplicate User IDs

Cloud Manager does not support user IDs that are the same, even if they are in different containers in the directory. Capitalization does not make a user ID unique. For example, JSmith and jsmith in the directory are the same user in Cloud Manager.

You should ensure that all users have unique user IDs.
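One way to find colliding user IDs before you connect the directory, shown as an added example (not part of the Cloud Manager documentation): the script reads an LDIF export, keeps only entries at or beneath the user search base, and groups IDs case-insensitively. The attribute name sAMAccountName, the sample entries, and the function names are assumptions; substitute the attribute that holds the login ID in your directory.

```python
from collections import defaultdict

# Constructed sample export (not from a real directory).
SAMPLE_LDIF = """\
dn: cn=JSmith,ou=Sales,cn=Users,dc=MyCompany,dc=com
sAMAccountName: JSmith

dn: cn=jsmith,ou=Engineering,cn=Users,dc=MyCompany,dc=com
sAMAccountName: jsmith

dn: cn=akhan,ou=Sales,cn=Users,dc=MyCompany,dc=com
sAMAccountName: akhan

dn: cn=AKhan,ou=Contractors,dc=MyCompany,dc=com
sAMAccountName: AKhan
"""

def parse_ldif(text):
    """Yield one {attr_lowercase: value} dict per record (plain 'attr: value' lines only)."""
    for block in text.strip().split("\n\n"):
        unfolded = block.replace("\n ", "")  # LDIF continuation lines start with a space
        record = {}
        for line in unfolded.splitlines():
            if line.startswith("#") or ": " not in line:
                continue
            attr, value = line.split(": ", 1)
            record.setdefault(attr.lower(), value.strip())
        if "dn" in record:
            yield record

def norm_dn(dn):
    """Lowercase a DN and drop whitespace around the RDN separators for comparison."""
    return ",".join(part.strip() for part in dn.lower().split(","))

def find_duplicate_ids(ldif_text, search_base, id_attr="sAMAccountName"):
    """Return {folded_id: [DNs]} for IDs shared by several entries under search_base.
    id_attr is an assumption: use whichever attribute carries the user ID."""
    base = norm_dn(search_base)
    seen = defaultdict(list)
    for rec in parse_ldif(ldif_text):
        uid = rec.get(id_attr.lower())
        dn = norm_dn(rec["dn"])
        if uid and (dn == base or dn.endswith("," + base)):
            seen[uid.casefold()].append(rec["dn"])  # JSmith and jsmith collide
    return {uid: dns for uid, dns in seen.items() if len(dns) > 1}

if __name__ == "__main__":
    for uid, dns in find_duplicate_ids(SAMPLE_LDIF, "cn=Users,dc=MyCompany,dc=com").items():
        print(f"duplicate user ID {uid!r}: " + "; ".join(dns))
```

The parser handles plain-text attribute lines only; base64-encoded values (attr:: value) in an export are skipped and would need decoding first.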

4.1.3 Creating the Cloud Manager Group

Access to Cloud Manager is controlled through membership in a Cloud Manager user group. Only users who are members of the group can log in.

  1. Create a user group using any valid LDAP name (for example, CloudManagerGroup or ncmusers).

    Remember the name and the container. During configuration of the LDAP connection, you will need to provide the group’s common name and the search base for the group (for example, cn=Groups,dc=MyCompany,dc=com).

  2. Add users who need access to Cloud Manager.

    Make sure to add yourself and any other individuals who will be Cloud Manager administrators.

    You can add users to the group at any time. To ensure that no users can log in until you’ve completely set up Cloud Manager, wait to add users (other than yourself) until later.

4.1.4 Creating a Search Account for Cloud Manager

Cloud Manager requires an account that has rights to search and read the following directory containers and objects:

  • The user search base container and all containers beneath it.

  • The Cloud Manager user group container.