
(SMA) Support Tip: SMAX 2018.05 Authentication Configuration with Embedded OpenLDAP

Background Knowledge:
The suite uses Identity Manager (IdM) for user authentication. So does Service Portal, which shares the same IdM instance with the suite.
You need to define the LDAP connection in IdM before synchronizing users into ITSMA.


Scenario:
Configure the embedded OpenLDAP in SMA-X Account Authentication for Demo Purpose
Note: The embedded OpenLDAP uses uid as the login name. For example, login name falcon, password 123456.

Preparation:
By default, the 31389 port used to connect to the internal LDAP server is disabled in SMA. You need to enable this port first.

Please refer to the link below

https://docs.microfocus.com/itom/Service_Management_Automation_-_SM:2018.05/Configure-users-in-the-internal-LDAP-server_19894966

LDAP Configuration:
1. Open the SMA-X BO link, for example https://[FQDN]/bo/
2. Click on Accounts, and select the account record for which the embedded OpenLDAP will be configured
3. Click on Authentications on the left of the page, click on New, select type “LDAP configuration”, and click OK
4. Configure the embedded LDAP information, for example:

LDAP server settings
Display name: InternalOpenLDAP
Hostname: [FQDN]
Port: 31389
Base DN: dc=itsma,dc=com
Group DN: ou=groups,dc=itsma,dc=com
User ID (Full DN): cn=admin,dc=itsma,dc=com
Password: secret

Note: Base DN and Group DN define which members will be synced.

LDAP attributes
Mail: mail
Login name: uid
First name: givenName
Family name: sn
Office phone number: telephoneNumber
Home Phone number: telephoneNumber
Mobile phone number: telephoneNumber

User login settings
User name: uid
User search filter: uid={0}
Search subtree: enable

5. Click on Save
The configuration should then be verified successfully.

Verification: Log in to Service Portal.
1. Log in to Service Portal with the username and password at the URL below
https://[FQDN]:443/saw/ess?TENANTID=[TENANTID]

After logging in to Service Portal, the user can be found in the following 3 places:
1. BO link > USERS
2. BO link > ACCOUNTS > select the account for which the above LDAP authentication was defined > click on Users on the left
3. SMA-X application table persons
https://[FQDN]/admin/people/persons?TENANTID=[TENANTID]
Before logging in to Service Portal, the user is synced to IdM but is not shown in the SMA-X application table persons or in BO.

Note: If there are errors when logging in to the SMA-X Service Portal, check the Service Portal log:
/var/vols/itom/itsma/itsma-itsma-global/logs/xservices/serviceportal/itom-xruntime-serviceportal-***-***-YYYY-MM-DD/maas/ess_error.log
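
To check the LDAP settings above from the command line before saving them in BO, the following added example (not part of the original tip and not Micro Focus code) expands the user search filter for a login name and runs it against the embedded OpenLDAP with ldapsearch. It assumes the OpenLDAP client tools are installed on a host that can reach port 31389; the function names are illustrative.

```shell
#!/bin/sh
# Added example. The values below are the demo settings from this tip;
# the function names are hypothetical helpers, not part of SMA-X.
PORT=31389
BASE_DN='dc=itsma,dc=com'
BIND_DN='cn=admin,dc=itsma,dc=com'
FILTER_TEMPLATE='uid={0}'

# Escape characters that are special in an LDAP search filter (RFC 4515)
# so the login name is matched literally. Backslash is handled first.
escape_filter_value() {
    printf '%s' "$1" | sed -e 's/\\/\\5c/g' -e 's/\*/\\2a/g' \
                           -e 's/(/\\28/g' -e 's/)/\\29/g'
}

# Expand the "User search filter" template: uid={0} + falcon -> (uid=falcon)
build_filter() {
    ph='{0}'
    case $1 in *"$ph"*) ;; *) echo "template has no {0}" >&2; return 1 ;; esac
    pre=${1%%"$ph"*}
    post=${1#*"$ph"}
    printf '(%s%s%s)\n' "$pre" "$(escape_filter_value "$2")" "$post"
}

# Count the entries in LDIF read from stdin (one "dn:" line per entry).
count_entries() {
    grep -c '^dn:' || true
}

# Bind as the configured User ID, search the subtree under the Base DN and
# succeed only if exactly one entry matches the login name.
# Usage: check_login <FQDN> <login>   (prompts for the bind password)
check_login() {
    filter=$(build_filter "$FILTER_TEMPLATE" "$2") || return 2
    ldif=$(ldapsearch -x -LLL -H "ldap://$1:$PORT" -D "$BIND_DN" -W \
           -b "$BASE_DN" -s sub "$filter" \
           uid mail givenName sn telephoneNumber) || return 3
    n=$(printf '%s\n' "$ldif" | count_entries)
    printf '%s\n%s matching entries\n' "$ldif" "$n"
    [ "$n" -eq 1 ]
}
```

A non-zero return from check_login means the template had no placeholder (2), the bind or search failed (3), or the login name did not match exactly one entry (1).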
