Map LDAP Groups With Operations Hub UAA

About this task

If you want LDAP users to use Operations Hub, you must map the corresponding UAA groups with an Operations Hub UAA group, which is created using Operations Hub installation.

Procedure

Double-click .

Tip: By default, this icon appears on the desktop after you install Operations Hub.

The UAA/LDAP Connectivity Tool page appears.
Select the Map Existing LDAP Groups check box.

In the UAA Connection section, provide values as specified in the following table.

Important: The values that you provide in this step must match the values that you provided in the User Authentication and Authorization Service page while installing Operations Hub. These values are required to connect to the Operations Hub UAA. Operations Hub works only with a single instance of UAA, which is specified during Operations Hub installation. After installation, you cannot change the instance of UAA that Operations Hub will use.


Box	Description
URL	Enter the authorization server URL of the Operations Hub UAA that you specified in the UAA Base URL box during installation (for example, https://localhost).
Client ID	Enter the client ID of the Operations Hub UAA server that you specified in the Admin Client ID box during installation.
Client Secret	Enter the client secret configured for the OAuth client that you specified in the Admin Client Secret box during installation.

Select Test.
If connection to the UAA server is established, a message appears, confirming the same.

In the LDAP Connection section, provide values as specified in the following table.


Box	Description
URL	Enter the base URL of the LDAP server (for example, https://localhost).
Bind User DN	Enter the distinguished name of the bind user (for example, cn=admin,ou=Users,dc=test,dc=com).
Password	Enter the password for the LDAP user ID that searches the LDAP tree for user information.
User Search Filter	Enter the starting point for the LDAP user search in the directory tree (for example, dc=developers,dc=com).
User Search Base	Enter the subdirectories to include in the search (for example, cn={0}).
Group Search Filter	Enter the starting point for the LDAP group search in the directory tree (for example, ou=scopes,dc=developers,dc=com).
Group Search Base	Enter the subdirectories to include in the search (for example, member={0}).

Select Test, and then select Submit.
If connection to the LDAP server is established, a message appears, confirming the same.
Select Test again, and then select Continue.
In the LDAP Mapping section, the drop-down list box contains a list of groups in Operations Hub UAA. In the Filter box, a list of LDAP groups appears.
In the drop-down list box, select the Operations Hub UAA group to which you want to map LDAP groups.
In the Filter box, select the check boxes corresponding to the LDAP groups that you want to map.

Note: If a group is already mapped to the Operations Hub UAA group that you have selected, the check box is already selected.
Select Map Groups.
A message appears, confirming that the LDAP groups are mapped to the Operations Hub UAA group.
Repeat steps 8 through 10 for all the Operations Hub UAA groups that you want to map.

Results

The LDAP groups are mapped with the Operations Hub UAA groups.