CA Service Management

  • Private Community

  • 1.  How to bulk import users from AD to CA SDM?

    Posted Sep 15, 2015 10:51 AM

    Hello!

     

    I'm finishing a fresh install of: EEM, PAM, SDM and USS and I noticed I can autenticate om SDM (with active directory credentials) if the user is previously created there.

     

    So my question is: how to import all users from AD and keep it in sync?

     

    Is there a tutorial available?

     

    Best,

    Ellery



  • 2.  Re: How to bulk import users from AD to CA SDM?

    Broadcom Employee
    Posted Sep 15, 2015 01:22 PM

    Ellery,

     

    Take a look at these pages:

     

    Firstly you need to enable the LDAP options, you can find information on the Options Manager settings here:

     

    https://wiki.ca.com/display/CASM1401/Configuring+CA+SDM+to+Use+LDAP+Authentication

     

    Then you can use this article for info on the pdm_ldap_import command

     

    https://wiki.ca.com/display/CASM1401/Create+Contacts+in+Batch+Mode+Using+LDAP+Data



  • 3.  Re: How to bulk import users from AD to CA SDM?

    Posted Sep 15, 2015 01:41 PM

    Not related to importing AD users, but related to the authentication of those users.

     

    You should consider configuring Tomcat to handle single sign on (When you access SDM via tomcat, port 8080 by default). Alex gave me a link yesterday to replace the old third party library i was using and it worked like a charm.

    Here it is :

    http://www.ca.com/us/support/ca-support-online/product-content/knowledgebase-articles/tec578799.aspx



  • 4.  Re: How to bulk import users from AD to CA SDM?
    Best Answer

    Posted Sep 16, 2015 08:15 AM

    Dear Alex_Perretti and pier-olivier.tremblay

     

    Yesterday I lost the whole afternoon dealing with this config, and look what I found!

     

    Everywhere I read about conf ldap_dn I saw that I had to put the distinguished name and examples was like: "CN=Joe, CN=Users, DC=KLAND, DC=AD, DC=com" (check here this sugestion https://wiki.ca.com/display/CASM1401/Configuring%20CA%20SDM%20to%20Use%20LDAP%20Authentication)

     

    Yesterday I run a few times the utility: pdm_ldap_test and the result was:

     

    C:\Users\adm_eellery>pdm_ldap_test

    Starting pdm_ldap_test...

    LDAP Directory Type      : active directory

    Service Desk Platform    : windows

    Search Base              : DC=morphus,DC=corp

    Search Filter            : (objectClass=person)

    Administrator Username   : CN=Service Desk,OU=Admins,OU=Fortaleza,OU=Sites,DC=mo

    rphus,DC=corp

    Administrator Password   : **********

    LDAP Host                : srv-ad-01

    LDAP Port                : 389

    ldap_bind() ERROR(Credenciais inválidas)

     

     

    Today I decided to change the ldap_dn config from DN sentence to only the username and what a surprise, it worked! No kidding!!!!!!!!

     

    Never saw so many dificulties in installing a system...

     

    I hope it helps anyone.

     

    Best,

    Ellery