In this Post I will show, how to use Active Directory for the iMC operator login. iMC is able to check the password of a network operator using Active Directory. You do not have to do the operator management within iMC and use AD instead. This is quite handy, because you do not have to deal with password management.
To start using AD for password lookup, login to iMC and go to “System–>Operator Management–>Authentication Server”:
In this page you can configure a radius server for authentication or a LDAP server. I will use the LDAP server for password verification. You have to select the “Server Type” which should be “Microsoft Active Directory” and the “Server Address” of a Domain Controller. Afterwards fill in the “Base DN” and the “Admin DN”, make sure, you also include the Base DN into the “Admin DN”. If you are a network guy like me, with nearly no knowledge of Active Directory, you can use “dsqery” to get the information needed. To get the “Base DN” and “Admin DN” you can use the following command on the ad controller:
C:UsersAdministrator>dsquery user -name administrator "CN=Administrator,CN=Users,DC=hpn,DC=local"
The “DC=hpn,DC=local” ist the “Base DN” and the full string is the “Admin DN”.
You have to insert the “Admin Password”. The “Username Attribute is inserted automatically. If your connection requires SSL check the corresponding check box:
After saving the settings with a click on the “OK” button, you have to create the operator by going to “System–>Operator Management–>Operator” and click on “Add”:
You need to specify the “Login Name” which have to be the same as the windows login name and select “LDAP” for “Authentication Type”. I use the default “Administrator Group” for “Operator Group” you can of course select a different one or create your own operator groups. After clicking “OK” the user is created and should be able to login to iMC using his username and the password from Active Directory.
Those short description should help you, getting iMC operator login with Active Directory working. If you have any questions or feedback, feel free to use the comment function below.