Map LDAP Groups with Operations Hub UAA

About this task

If you want LDAP users to access Web Client and individual applications, you must map the corresponding Operations Hub UAA groups with the appropriate LDAP groups.
There are two methods to map LDAP groups with Operations Hub UAA groups:
  1. Using the UAA/LDAP Connectivity tool directly: In this method, you map the Operations Hub UAA group for each application with an appropriate LDAP group.
    Important: If you want to use discrete applications, you cannot use this method.
  2. Using the Security application in Web Client: In this method, you create a group in the Security application, add all the applications to this group, and then map this group with the appropriate LDAP group using the UAA/LDAP Connectivity tool.
This topic describes these two methods.
Note: You cannot view more than 100 UAA groups using the UAA/LDAP Connectivity tool.

Before you begin

Import UAA users.

Procedure

  1. If you want to use the UAA/LDAP Connectivity tool directly, map the Operations Hub UAA group for each application with an appropriate LDAP group. For instructions, refer to https://www.ge.com/digital/documentation/opshub/windows/windows/t_uaa_map_ldap_groups_with_oh_uaa.html?hl=ldap.
    The following table provides a list of Operations Hub UAA groups that you map to access each application in Web Client.
    Operations Hub UAA Group Application
    mes.equipment.user OEE Dashboard
    mes.reports.user Reports
    mes.downtime.user Downtime
    mes.alarms.user Alarm Notifications
    mes.security_management.user Security
    mes.activities.user Activities
    mes.my_machines.user My Machines
    mes.process_orders.user Process Orders
    mes.waste.user Waste
    mes.operations.user Unit Operations
    mes.work_queue.user Work Queue
    mes.ncm_management.user Non Conformance
    mes.order_management.user Work Order Manager
    mes.route_management.user Route Editor
    mes.property_definition.user Property Definition
    mes.configuration_management.user Configuration
    mes.time_booking.user Time Booking
    mes.approval_cockpit.user Approval Approval Cockpit
    mes.receiving_inspection.user Receiving Inspection
    mes.analysis.user Analysis
  2. If you want to use the Security application in Web Client:
    1. Access Security.
    2. Create a group.
    3. Add applications to the group that you have created.
    4. Using the UAA/LDAP Connectivity tool, map the group that you have created with the appropriate LDAP group. For instructions, refer to https://www.ge.com/digital/documentation/opshub/windows/windows/t_uaa_map_ldap_groups_with_oh_uaa.html.
  3. LDAP users must login to https://OpshubHostname/iqp or the Opshub designer page.