HowTo: iMC Operator Login using Active Directory

In this post, I will show, how to use Active Directory for the iMC operator login. iMC is able to check the password of a network operator using Active Directory. You do not have to do the operator management within iMC and use AD instead. This is quite handy because you do not have to deal with password management.

To start using AD for password lookup, login to iMC and go to “System–>Operator Management–>Authentication Server”:

iMC-Operator-Login-Authentication-Server
iMC-Operator-Login-Authentication-Server

In this page, you can configure a radius server for authentication or a LDAP server. I will use the LDAP server for password verification. You have to select the “Server Type” which should be “Microsoft Active Directory” and the “Server Address” of a Domain Controller. Afterwards fill in the “Base DN” and the “Admin DN”, make sure, you also include the Base DN into the “Admin DN”. If you are a network guy like me, with nearly no knowledge of Active Directory, you can use “dsqery” to get the information needed. To get the “Base DN” and “Admin DN” you can use the following command on the ad controller:

C:\Users\Administrator>dsquery user -name administrator
"CN=Administrator,CN=Users,DC=hpn,DC=local"

The “DC=hpn,DC=local” ist the “Base DN” and the full string is the “Admin DN”.

You have to insert the “Admin Password”. The “Username Attribute is inserted automatically. If your connection requires SSL check the corresponding check box:

iMC-AD-Login
iMC-AD-Login

After saving the settings with a click on the “OK” button, you have to create the operator by going to “System–>Operator Management–>Operator” and click on “Add”:

iMC-Add-Operator
iMC-Add-Operator

You need to specify the “Login Name” which have to be the same as the windows login name and select “LDAP” for “Authentication Type”. I use the default “Administrator Group” for “Operator Group” you can of course select a different one or create your own operator groups. After clicking “OK” the user is created and should be able to login to iMC using his username and the password from Active Directory.

Those short description should help you, getting iMC operator login with Active Directory working. If you have any questions or feedback, feel free to use the comment function below.

4 thoughts on “HowTo: iMC Operator Login using Active Directory”

    • Hi Jamie,

      since one of the last versions, it is not necessary any more, to create the user upfront. By using Active Directory, the user just needs to be part of a Group, which is allowed to login to iMC. I think I will write a new post on that, as this is significantly easier now.

      BR
      Florian

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.