Adding LDAP Servers

To configure an LDAP server for usage with Performance Manager:

  1. In the menu, click Administration > System .
  2. Click the LDAP Servers tab.
  3. Click Add New Server. The Add LDAP Server dialog box appears.
  4. Type a Name for the server and optionally a Description. You can define any name for the LDAP server; this field has no impact on the actual LDAP settings.
  5. Check the Active check box to activate the server for use with Performance Manager. If unchecked, the LDAP server's services are not available to Performance Manager.
  6. Type the Hostname or IP-address of the LDAP server and the Port used for the LDAP service. The default port is 389. When using SSL, the default LDAP port is 636.
  7. Check the Use SSL check box to connect to the server through SSL. This check box is closely related to the settings defined in the Port field. For additional information on setting up the communication with SSL, see Communicating with an External System Over SSL.
  8. Optional: In the Bind DN field, type the domain name of the user who is to be used to bind to the LDAP service. This user must have read rights on the directory from the given Base DN root. If this field is left empty, anonymous access will be used, except for LDAP servers that do not support anonymous access.
  9. Type the Password of the user defined by Bind DN. This is not required when anonymous access is allowed.
  10. Type the Base DN root for LDAP queries. For example DC=yourcompany,DC=com.
  11. Type the Filter that is to be used for querying LDAP. Filters must contain a placeholder enclosed in braces.
    • Example 1: (sAMAccountName={%username})

      This example queries the LDAP server for the sAMAccountName with the value of the login name of the logged in Performance Manager user.

    • Example 2: (&(sAMAccountName={%username})(memberOf=CN=Development,CN=Users,DC=yourcompany,DC=com))

      This example queries the LDAP server for the sAMAccountName with the value of the login name of the logged in Performance Manager user, but only if the user is a member of the Development team. This may be useful for example if you enable the automatic account creation, but want Performance Manager to create accounts only for members of a certain LDAP group.

  12. Click Test to perform a test connection to the LDAP server. For more information, see Testing LDAP Servers.
  13. Click OK to save your settings.
  14. If you are using multiple LDAP servers: Specify an Order number to prioritize the order in which the LDAP servers are queried for authentication.