ibrahim_aly Respected Contributor.
Respected Contributor.
5310 views

Service Manager LDAP Authentication

Jump to solution

Dear Gents,

 

I have one question regarding LDAP authentication for Service Manager. My environment contains four DCs (domain controllers), one Parent and three Childs. I’m using SM LDAP Mapping to authenticate users while login to SM but I’m not able to authenticate all users for all DCs. I have already filled the LDAP mapping main page with the IP of the parent DC and the path of the base directory as well but unfortunately, only users of the parent DC were authenticated while users of other DCs are still not able to have authenticated login.

 

Please advise if it is possible to authenticate users of more than on DC using SM internal LDAP Mapping or if there is another way to define more than one DC in the LDAP mapping parameters in the main page.

 

Thanks in advance.

 

Regards,

Ibrahim Aly

Tags (1)
0 Likes
1 Solution

Accepted Solutions
Absent Member.. tprovin Absent Member..
Absent Member..

Re: Service Manager LDAP Authentication

Jump to solution
If your primary LDAP server is a Global Catalog server, try using that instead of the default LDAP port. Global Catalog queries are directed to port 3268, which explicitly indicates that Global Catalog semantics are required. By default, ordinary LDAP searches are received through port 389. If you bind to port 389, even if you bind to a Global Catalog server, your search includes a single domain directory partition. If you bind to port 3268, your search includes all directory partitions in the forest.
Thanks,

Tim

View solution in original post

11 Replies
ramesh9 Acclaimed Contributor.
Acclaimed Contributor.

Re: Service Manager LDAP Authentication

Jump to solution

Quick check:

 

1.  Had you checked "SM Unique Key contained in the LDAP DN" in operator/contacts file mapping(db->scldapconfig->search->click on Set field/File level mapping->give contacts/operator->search)

 

2. Whether sm.ini parameter "ldapsearchscope" is set to 0 or to 1?

0 Likes
John_Baker Absent Member.
Absent Member.

Re: Service Manager LDAP Authentication

Jump to solution

If you install SSO Plugin, an HP approved product for SM, you can forget all about integrating with an LDAP.

 


John

0 Likes
Absent Member.. tprovin Absent Member..
Absent Member..

Re: Service Manager LDAP Authentication

Jump to solution
What port are you using for LDAP?
Thanks,

Tim
0 Likes
ibrahim_aly Respected Contributor.
Respected Contributor.

Re: Service Manager LDAP Authentication

Jump to solution

ldap mapping has been configured for only operator where the mapping is as follows:

 

mail --> email

full.name --> displayName

name --> sAMAccountName

 

Also, for the ldapsearchscope parameter in the sm.ini file, it has been set to "0".

 

Please note that i have successfully authenticated users of a single domain, i only need to know how to authenticate other domains as well.

 

thanks.

 

 

0 Likes
ibrahim_aly Respected Contributor.
Respected Contributor.

Re: Service Manager LDAP Authentication

Jump to solution
Any idea from where can i download this HP SSO Plugin .. ?
0 Likes
ibrahim_aly Respected Contributor.
Respected Contributor.

Re: Service Manager LDAP Authentication

Jump to solution

I'm using the 389 LDAP default Port

0 Likes
Absent Member.. tprovin Absent Member..
Absent Member..

Re: Service Manager LDAP Authentication

Jump to solution
If your primary LDAP server is a Global Catalog server, try using that instead of the default LDAP port. Global Catalog queries are directed to port 3268, which explicitly indicates that Global Catalog semantics are required. By default, ordinary LDAP searches are received through port 389. If you bind to port 389, even if you bind to a Global Catalog server, your search includes a single domain directory partition. If you bind to port 3268, your search includes all directory partitions in the forest.
Thanks,

Tim

View solution in original post

ibrahim_aly Respected Contributor.
Respected Contributor.

Re: Service Manager LDAP Authentication

Jump to solution
Thanks tprovin, this solved my issue
0 Likes
Hptoolsconfigur Absent Member.
Absent Member.

Re: Service Manager LDAP Authentication

Jump to solution

Hi,

 

I need to intregrate Sm with LDAP. Could you please help me in that?

0 Likes
Frequent Contributor.. anjanrh Frequent Contributor..
Frequent Contributor..

Re: Service Manager LDAP Authentication

Jump to solution
Can you please provide us the configuration details how it is achieved
0 Likes
Micro Focus Expert
Micro Focus Expert

Re: Service Manager LDAP Authentication

Jump to solution

This is an old thread. To which topic are you asking about? How to configure smldapconfig to point to the Global Catalog Server?  Take a look at this Knowledge Document: https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetsearch/document/KM641370

Additionally there is this thread you can check out: https://community.saas.hpe.com/t5/Service-Manager-Service-Center/Authenticate-Selft-Service-Users-against-two-ADs-SSO-or-LDAP/m-p/1094513#M49684

 

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.