(SMA) Support Tip: SMAX 2018.05 Authentication Configuration with Embedded OpenLDAP

Background Knowledge:
The suite uses Identity Manager (IdM) for user authentication. So does Service Portal, which shares the same IdM instance with the suite.
You need to define LDAP connection in IDM before synchronizing users into ITSMA.

Configure the embedded OpenLDAP in SMA-X Account Authentication for Demo Purpose
Note: embedded OpenLDAP use uid as login name. For example, login name falcon, password 123456.

By default, the 31389 port used to connect to the internal LDAP server is disabled in SMA. You need to enable this port first.

Please refer to the link below


LDAP Configuration:
1. Open the SMA-X BO link, for example https://[FQDN]/bo/
2. Click on Accounts, and select the account record which is going to configure the embedded OpenLDAP
3. Click on Authentications in the left of the page, click on New and select type “LDAP configuration”, click OK
4. Configure the embedded LDAP information, for example

LDAP server settings
Display name: InternalOpenLDAP
Hostname: [FQDN]
Port: 31389
Base DN: dc=itsma,dc=com
Group DN: ou=groups,dc=itsma,dc=com
User ID (Full DN):cn=admin,dc=itsma,dc=com
Password: secret

Note:Base DN and Group DN would define the members that would be synced 

LDAP attributes
Mail: mail
Login name: uid
First name: givenName
Family name: sn
Office phone number: telephoneNumber
Home Phone number: telephoneNumber
Mobile phone number: telephoneNumber

User login settings
User name: uid
User serach filter: uid={0}
Search subtree: enable

5. Click on Save
The configuration would be verified successfully
Verification: Login service portal.
1. Login Service Portal with the username / password with below URL

After login service portal, the specific user would be found in below 3 places
1. BO link > USERS
2. BO link > ACCOUNTS > select the account that defined the above LDAP authentication > click on Users from the left part
3. SMA-X application table persons
Before login service portal, the user is synced to IDM, not shown in SMA-X application table persons nor BO.

Note: If there are errors when login SMA-X Service Portal, please go to check Service Portal log