Service Manager / Service Center Practitioners Forum
cancel

Service Manager LDAP Authentication

SOLVED
Go to solution
ibrahim_aly
Respected Contributor.

Service Manager LDAP Authentication

Dear Gents,

 

I have one question regarding LDAP authentication for Service Manager. My environment contains four DCs (domain controllers), one Parent and three Childs. I’m using SM LDAP Mapping to authenticate users while login to SM but I’m not able to authenticate all users for all DCs. I have already filled the LDAP mapping main page with the IP of the parent DC and the path of the base directory as well but unfortunately, only users of the parent DC were authenticated while users of other DCs are still not able to have authenticated login.

 

Please advise if it is possible to authenticate users of more than on DC using SM internal LDAP Mapping or if there is another way to define more than one DC in the LDAP mapping parameters in the main page.

 

Thanks in advance.

 

Regards,

Ibrahim Aly

11 REPLIES
ramesh9
Acclaimed Contributor.

Re: Service Manager LDAP Authentication

Quick check:

 

1.  Had you checked "SM Unique Key contained in the LDAP DN" in operator/contacts file mapping(db->scldapconfig->search->click on Set field/File level mapping->give contacts/operator->search)

 

2. Whether sm.ini parameter "ldapsearchscope" is set to 0 or to 1?

John_Baker
Super Contributor.

Re: Service Manager LDAP Authentication

If you install SSO Plugin, an HP approved product for SM, you can forget all about integrating with an LDAP.

 


John

tprovin
Outstanding Contributor.

Re: Service Manager LDAP Authentication

What port are you using for LDAP?
Thanks,

Tim
ibrahim_aly
Respected Contributor.

Re: Service Manager LDAP Authentication

ldap mapping has been configured for only operator where the mapping is as follows:

 

mail --> email

full.name --> displayName

name --> sAMAccountName

 

Also, for the ldapsearchscope parameter in the sm.ini file, it has been set to "0".

 

Please note that i have successfully authenticated users of a single domain, i only need to know how to authenticate other domains as well.

 

thanks.

 

 

ibrahim_aly
Respected Contributor.

Re: Service Manager LDAP Authentication

Any idea from where can i download this HP SSO Plugin .. ?
ibrahim_aly
Respected Contributor.

Re: Service Manager LDAP Authentication

I'm using the 389 LDAP default Port

tprovin
Outstanding Contributor.
Solution

Re: Service Manager LDAP Authentication

If your primary LDAP server is a Global Catalog server, try using that instead of the default LDAP port. Global Catalog queries are directed to port 3268, which explicitly indicates that Global Catalog semantics are required. By default, ordinary LDAP searches are received through port 389. If you bind to port 389, even if you bind to a Global Catalog server, your search includes a single domain directory partition. If you bind to port 3268, your search includes all directory partitions in the forest.
Thanks,

Tim
ibrahim_aly
Respected Contributor.

Re: Service Manager LDAP Authentication

Thanks tprovin, this solved my issue
Highlighted
Hptoolsconfigur
Respected Contributor.

Re: Service Manager LDAP Authentication

Hi,

 

I need to intregrate Sm with LDAP. Could you please help me in that?

anjanrh
Contributor.

Re: Service Manager LDAP Authentication

Can you please provide us the configuration details how it is achieved
Brett_Christlieb
Outstanding Contributor.

Re: Service Manager LDAP Authentication

This is an old thread. To which topic are you asking about? How to configure smldapconfig to point to the Global Catalog Server?  Take a look at this Knowledge Document: https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetsearch/document/KM641370

Additionally there is this thread you can check out: https://community.saas.hpe.com/t5/Service-Manager-Service-Center/Authenticate-Selft-Service-Users-against-two-ADs-SSO-or-LDAP/m-p/1094513#M49684