Roles that Can Perform This Task: Cloud Administrator
The following steps explain how to create System user groups by importing information from your LDAP authentication source. For information about creating Organization user groups by manually entering information, see Manually Creating System and Organization User Groups.
An imported user group’s membership is maintained in the LDAP authentication source. Any users who are members of the user group in the LDAP source receive the roles that are assigned to the user group in Cloud Manager.
An LDAP user group’s members are not imported to Cloud Manager and do not display in the group’s list. In addition, you cannot manually add users or user groups to an imported group.
On the main navigation bar, click .
Click the tab, click , then click .
Authenticate to the LDAP directory:
Click the tab.
In the section, fill in the following fields:
Host: Specify the FQDN (fully qualified domain name) or IP address of the host machine running the LDAP server. For example, ldap.mycompany.com or 123.45.67.8.
Port: Specify the TCP port (on the host machine) where the LDAP server is listening for LDAP connections. The standard port for non-SSL connections is 389. The standard port for SSL connections is 636.
Use SSL: If the Cloud Manager Application Server is configured for an SSL connection to the LDAP server, select this option to enable the secure connection.
In the section, fill in the following fields:
User DN: Specify an account that has read rights to the directory location from which you want to import users. For example, cn=Administrator,cn=Users,dc=MyCompany,dc=com
Password: Specify the password for the account.
Password Confirm: Confirm the password for the account.
Click .
If the connection is successful, the Test Status is displayed as . If the connection is not successful, validate the connection information and try again.
Import user groups:
Click the tab.
Click .
When you click , a new import entry is added to the list. You use the fields below the list to define the entry.
In the DN field, use standard LDAP notation (ou=provo,dc=netiq,dc=com) to specify the distinguished name for the target container or object, then click .
If you specify a container, all user groups located within the container are imported. If you only want to import one user group, specify the DN of the user group object.
If you specified a container for import, select .
If you specified a container for import, select if you want to import user groups located in its subcontainers.
Click .
The imported user groups are added to the list. User groups are identified by the icon.
Click to close the System Configuration dialog box.
To assign roles to a user group, see Assigning Roles to Users and Groups.
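Because every member of an imported group receives the roles assigned to that group, it helps to preview which groups a DN covers before importing it. The following is an added example, not part of the product documentation: it assumes the OpenLDAP ldapsearch client, and the group filter and the mapping of the import choices to LDAP search scopes are assumptions to adjust for your directory.

```shell
#!/bin/sh
# Added example (not product code). Host and DN values are the samples used
# in the field descriptions above; the group filter is an assumption.
GROUP_FILTER='(|(objectClass=groupOfNames)(objectClass=groupOfUniqueNames)(objectClass=group))'

# ldap_uri HOST PORT USE_SSL(yes|no) -> URI matching the Host/Port/Use SSL fields.
ldap_uri() {
    if [ "$3" = "yes" ]; then
        printf 'ldaps://%s:%s\n' "$1" "$2"
    else
        # Without SSL, the simple-bind password crosses the network in clear text.
        printf 'ldap://%s:%s\n' "$1" "$2"
    fi
}

# port_matches_ssl PORT USE_SSL -> succeeds only for the standard pairing
# (636 with SSL, 389 without); a mismatch is a common cause of a failed test.
port_matches_ssl() {
    case "$1:$2" in
        636:yes|389:no) return 0 ;;
        *) return 1 ;;
    esac
}

# import_scope KIND -> ldapsearch scope approximating the import choice:
#   object    = the DN names a single user group        (base)
#   container = groups directly inside the container    (one)
#   subtree   = the container and all its subcontainers (sub)
import_scope() {
    case "$1" in
        object)    echo base ;;
        container) echo one ;;
        subtree)   echo sub ;;
        *)         echo "unknown import kind: $1" >&2; return 1 ;;
    esac
}

# preview_import HOST PORT USE_SSL BIND_DN BASE_DN KIND
# Lists only the DNs ("1.1" requests no attributes) of matching groups, bound
# as the same read-only account entered under User DN. -W prompts for the
# password so it is not stored in shell history.
preview_import() {
    scope=$(import_scope "$6") || return 1
    port_matches_ssl "$2" "$3" || echo "note: non-standard port/SSL pairing" >&2
    ldapsearch -x -LLL -H "$(ldap_uri "$1" "$2" "$3")" -D "$4" -W \
        -b "$5" -s "$scope" "$GROUP_FILTER" 1.1
}
```

For example, preview_import ldap.mycompany.com 636 yes 'cn=Administrator,cn=Users,dc=MyCompany,dc=com' 'ou=provo,dc=netiq,dc=com' subtree lists every group that a container import with subcontainers would bring in.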