Authentication through an LDAP service

IBM® Data Server Manager (DSM) can now be configured to use an LDAP server for user authentication and group mapping.

With IBM Data Server Manager 2.1.4, credential validation and DSM user role assignment can be delegated to an OpenLDAP server, an ApacheDS server, Microsoft Active Directory, or IBM Tivoli Directory Server.

Go to Installing and upgrading IBM Data Server Manager for complete instructions on downloading and installing DSM Version 2.1.4.

DSM Administrators can configure DSM to use LDAP for user management with the following methods:
Manage DSM user authentication only
With this method, only user credentials are managed in LDAP. The DSM Administrator privilege is still managed by DSM.
There are three ways to manage DSM user authentication:
  • In simple mode, where DSM user information is stored in a centralized location in an LDAP directory.
  • In advanced mode, where DSM user information is stored in distributed locations in an LDAP directory.
  • If DSM cannot retrieve the managed user list, administrators can add users to DSM manually and then grant DSM privileges.
Manage DSM user authentication and user authorization
With this method, both user credentials and user privileges (Administrator or User) are managed from the LDAP side. Any new user creation or privilege assignment must be done from the LDAP side as well. DSM Administrators can choose an LDAP group to represent DSM Administrators, where membership grants administrator access to DSM.
There are two ways to manage DSM user credentials and user privileges:
  • In simple mode, where DSM user information and privilege groups are stored in a centralized location in an LDAP directory.
  • In advanced mode, where DSM user information and privilege groups can be stored in distributed locations in an LDAP directory.
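
The following sketch is an added example, not DSM code or DSM configuration. It models the lookup logic that the two modes imply: one search base (simple) versus several (advanced), with the role derived from membership in a chosen administrator group. The directory contents, base DNs, group name, and function names are all constructed assumptions, and the credential check itself (the LDAP bind) is left out.

```python
# Constructed sample directory (not from the DSM documentation): DN -> attributes.
DIRECTORY = {
    "uid=alice,ou=dba,dc=example,dc=com": {"uid": "alice"},
    "uid=bob,ou=apps,dc=example,dc=com": {"uid": "bob"},
    "uid=carol,ou=dba,dc=example,dc=com": {"uid": "carol"},
    "uid=carol,ou=apps,dc=example,dc=com": {"uid": "carol"},
    "cn=dsm-admins,ou=groups,dc=example,dc=com": {
        # Member DN stored with different case, as directories often return it.
        "member": ["UID=Alice,OU=DBA,DC=Example,DC=Com"]},
}
# Hypothetical search bases: one centralized location vs. distributed locations.
SIMPLE_BASES = ["ou=dba,dc=example,dc=com"]
ADVANCED_BASES = ["ou=dba,dc=example,dc=com", "ou=apps,dc=example,dc=com"]
ADMIN_GROUP = "cn=dsm-admins,ou=groups,dc=example,dc=com"  # hypothetical group


def norm_dn(dn):
    """Simplified DN normalization: lowercase and trim each RDN.
    Does not handle escaped commas inside attribute values."""
    return ",".join(part.strip().lower() for part in dn.split(","))


def find_user(uid, bases):
    """Return the single DN for uid under the given search bases, or None.
    Zero matches and more than one match both fail closed."""
    matches = [dn for dn, attrs in DIRECTORY.items()
               if attrs.get("uid") == uid
               and any(norm_dn(dn).endswith("," + norm_dn(b)) for b in bases)]
    return matches[0] if len(matches) == 1 else None


def resolve_role(uid, bases, admin_group=ADMIN_GROUP):
    """Map a login name to 'Administrator', 'User', or None (deny)."""
    dn = find_user(uid, bases)
    if dn is None:
        return None
    members = {norm_dn(m) for m in DIRECTORY[admin_group].get("member", [])}
    # Compare normalized DNs so a case difference cannot change the role.
    return "Administrator" if norm_dn(dn) in members else "User"


if __name__ == "__main__":
    for uid in ("alice", "bob", "carol", "mallory"):
        print(uid, resolve_role(uid, SIMPLE_BASES), resolve_role(uid, ADVANCED_BASES))
```

With distributed search bases, the same login name can exist in more than one location; the sketch denies access in that case instead of picking the first match.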