We have all been asked by NoD prospects and customers about setting up AD/LDAP integration and the answer has always been that it isn’t possible with NoD. It is now possible. The latest version of the hub provides the ability to configure the LDAP/AD integration to use a proxy. How this works in NoD is as follows:
1) Configure the customer relay hub probe to integrate with their AD/LDAP server – nothing new here – and set up an ACL to be linked with a desired AD/LDAP group.
2) Validate that it works – using Infrastructure Manager (IM), log into the relay hub using an AD user id <domain>\<userid>. You should be able to log in this way. Look at the bottom of the IM to see the actual login that was used from AD.
3) Configure the NoD hub probe, selecting the use proxy option, and point it to the relay.
4) Test as above, but change the login hub to the NoD hub – again note the logged-in userid at the bottom of IM. Hopefully it will show the userPrincipalName from AD, which has the form of an email address <userid>@<DC>.<DC>.<DC>.<DC>, for example email@example.com.
5) Test UMP login using the login as displayed at the bottom of IM, as the NoD UMP is set to only accept userids in the form of an email address.
6) You may also want to test the IM login using the email-like userid so that it is consistent, though most will just be using UMP.