Hi all. I'm using Service Desk Manager (SDM), Service Catalog (SC) and Process Automation (PAM) in a Service Management implementation. SC and PAM are registered in CA EEM, I use pdm_ldap_import/sync for synchronizing AD users with SDM, and the three products are authenticating against Active Directory (AD).
However, for permission and assignment tasks, SDM takes its own groups but SC and PAM take groups from AD or EEM.
For maintenance purpose, I’d like to have a unique source of groups.
At this moment, I’m evaluation some options:
1) Using SDM groups:
SC and PAM should take groups from SDM. At this moment I think it is not possible since there is an idea: https://communities.ca.com/ideas/235719832
2) Using EEM groups:
I need a way of SDM seeing EEM groups. Is it possible?
3) Using AD groups:
I need to synchronizing AD groups with SDM in a similar way I use pdm_ldap_import/sync for users. I know I can make it with a PAM process or an external program of Java/.NET but it there a CA took for making it for us.
All idea is welcome.
Thanks in advance.