Idea ID: 1642094

Use SMA-SM without LDAP

Status : Declined
over 3 years ago

There are service Providers that use the suite SMA-SM to provide serivces to several clients and share the tool with them. Client's users need to log directly into the tool without log into any domain.

Currently users and passwords are managed by LDAP so through SMA-SM a user cannot change his password. This functionality could be right for an internal use, where all users belongs to a company and they log into the domain before they access to SMA-SM, but when you have external users that access to SMA-SM you need to management the users/passwords through the SMA-SM and not through LDAP. 


  • Thank you for your idea. At this time, your idea hasn’t received enough community support and doesn’t align with our priorities so we are closing this idea. But we may review this again in the future. Thank you for your support and continue posting & voting on ideas to help make our products better.
  •  Hi  - no, no work around.  - I will send a draft document. It will be published on SSO soon

  • Hello Tonya,

    I've been investigating and I found out that LDAP proxy is only supported with SAM 2018.02 or higher.

    Do you know if there's any possible workaround for SMA-SM 2017.11?


  • Hi Tonya,

    thanks for your answer.

    Yes, I would like more information about how to congifure SMA-SM with LDAP proxy approach. Could you share with me any guide or document about it?

    Thank you in advance.

  • Thank you for sharing your idea! It’s open for comments and kudos, and we’re looking forward to input from the community. Once there is enough community traction, it will be reviewed by the product team.

    To be clear, in SMA-X, there the suite admin can define per user the type of authentication that applies. As you noted, SMA-SM only supports authentication through IDM IdP, in most case LDAP or SAML.  I understand we may be able to support the use case with LDAP proxy approach – where we can have IDM configured to this LDAP proxy to redirect client’s user authentication to client LDAP.  Let me know if you would like more information.