Problem:
I have several teams that I want to give specific access in CAPC through LDAP authentication.
Example:
Group Support Team A userClone to CA Performance Center UserA
Group Support Team B userClone to CA Performance Center UserB
Solution:
To have multiple group definitions within CAPC the format of the Group property when configuring LDAP via the SsoConfig command: would be:
<LDAPGroups>
<Group Definitions1/>
<Group Definitions2/>
</LDAPGroups>
The following is an example:
<LDAPGroups>
<Group searchTag="memberOf" searchString=" CN=NetworkAdmin,OU=Groups,OU=North America,DC=abcd,DC=com" user="{sAMAccountName}" passwd="" userClone="nadmin"/>
<Group searchTag="memberOf" searchString=" CN=SysAdmins,OU=Groups,OU=North America,DC=abcd,DC=com" user="{sAMAccountName}" passwd="" userClone="sysadmin"/>
</LDAPGroups>
In the above example any user that is part of the 'NetworkAdmin' group in LDAP would get its user rights cloned from the 'nadmin' user in CAPC and any user that is part of the 'SysAdmins' group in LDAP would get its user rights cloned from the 'sysadmin' user in CAPC.