DX Application Performance Management

  • 1.  APM - LDAP Group

    Posted Dec 11, 2017 09:23 AM

    Hi team,

     

    Currently I have integrated APM with LDAP. The authentication works correctly, but I have created the users in the domain file. Now, I would like to eliminate the users, and place groups so that the administration becomes easier. I did the tests adding the group, but when the user that is in the group of the LDAP, gives error. Viewing in the log, it shows that the user does not have read permission.

     

    Regards,

    Richard



  • 2.  Re: APM - LDAP Group

    Posted Dec 11, 2017 09:42 AM
    Has this happened to you?


  • 3.  Re: APM - LDAP Group

    Posted Dec 11, 2017 10:27 AM

    Make sure you use "grand group" instead of "grand user" in your domains.xml file

     

     

    <domain name="ABC Domain" description="ABC Domain">

    <agent mapping="hostname1(.*)"/>

    <agent mapping="hostname2(.*)"/>

    <grant group="APM_ABC_Group" permission="full"/>

    <grant group="APM_XYZ_Group" permission="read"/>

    </domain>



  • 4.  Re: APM - LDAP Group

    Posted Dec 11, 2017 10:38 AM

    Hi Junaidwily

    Users who are in the group can not login. The log says it does not have read permission.

    In the image you can see the configuration in domain files.

     

    Thanks for the suggestion, will any other option exist?
    thanks,
    Richard


  • 5.  Re: APM - LDAP Group

    Broadcom Employee
    Posted Dec 11, 2017 10:48 AM

    Thank you junaidwily for stepping in and trying to help your peers. Much appreciated! 



  • 6.  Re: APM - LDAP Group
    Best Answer

    Posted Dec 11, 2017 10:58 AM

    Does other LDAP users or LDAP group users are able to login?

    add the particular LDAP user who is in your LDAP group in domains.xml and try to login. If the user is able to login its means that the user doesn't exist in LDAP group. As per my experience when ever we had that kind of problem it is because of users is not in LDAP group or LDAP group is not created etc.

     

    Thanks



  • 7.  Re: APM - LDAP Group

    Posted Dec 15, 2017 11:39 AM

    Hi team,

     

    I already managed to solve the integration of the group, in the file domain and server add to the group with full permissions, and delete the user that I had as an aggregate. Apparently it was generating some type of conflict in the search for users in the LDAP.

     

    Thanks,

    Richard