CA Service Management

  • Private Community

  • 1.  EEM and AD integration

    Posted Mar 20, 2018 07:30 AM

    Dear All,

     

      We are going to integrate EEM with MS AD. I have certain concern for the same.

     

    1. Will it effect existing user in EEM having same userid as in AD.

    2. How can I assign default Application group(PAMUser) to all the imported AD users.

     

    Thanks in Advance,

    Vikash Sonar,



  • 2.  Re: EEM and AD integration

    Broadcom Employee
    Posted Mar 20, 2018 07:36 AM

    Hi Vikash,

     

    Please find my comments below

     

    1. Will it effect existing user in EEM having same userid as in AD.

    MK: When you talk about existing User, are they part of EEM local store? If you are configuring to AD for the first time then it will move the EEM connectivity from Local store to SD store (reference to AD). So you will no more be able to connect using the local store users if pointed to AD  

     

    2. How can I assign default Application group(PAMUser) to all the imported AD users.

    MK: If you have added the default application group (PAMUser) to the AD users then you can automatically import all the users with the same settings.

     

    Let me know if this helps?



  • 3.  Re: EEM and AD integration

    Posted Mar 20, 2018 08:52 AM

    Thanks Maheswar_Kusuma for your quick reply,

     

    1. I wanted to know if local user's global group and application group will not be erased, if same user is imported through the AD. Only the password will change as it is now integrated with AD. Am I right?

     

    2. How can I make default application group in AD. Do we need to do this one by one for all users. Or there is some other way to do this.

     

     

    Thanks & Regards,

    Vikash Sonar



  • 4.  Re: EEM and AD integration
    Best Answer

    Broadcom Employee
    Posted Mar 20, 2018 09:05 AM

    Hi Vikas,

     

    1. I wanted to know if local user's global group and application group will not be erased, if same user is imported through the AD. Only the password will change as it is now integrated with AD. Am I right?

    MK: Yes, you are right. The local user hierarchy is not used in this case and it will stay as it is. Only that it will created a new store as part of AD and reference the AD accounts.

     

    2. How can I make default application group in AD. Do we need to do this one by one for all users. Or there is some other way to do this.

    You may have to contact the AD team to see how you can add this to each member, but the moment you start importing the users it will be populated as per your AD settings.