IBM Tivoli Monitoring, Version 6.2.3

LDAP user authentication using Microsoft Active Directory

This appendix assists IBM Tivoli Monitoring users who want to use Microsoft's LDAP-based Active Directory product for user authentication. The topic "Enabling user authentication" explains how to enable LDAP user authentication for users of the Tivoli Enterprise Monitoring Server, the Tivoli Enterprise Portal Server, or both. This appendix extends that information to cover the steps you must complete to incorporate LDAP as implemented in an Active Directory environment, and presents the topic from an Active Directory perspective. Two user scenarios (one illustrating monitoring server integration with Active Directory, the other portal server integration with Active Directory) show how this process can help you implement Tivoli Monitoring security in the real world; see User scenarios.

This procedure uses the TEPS/e Web browser interface to complete the portal server configuration; see TEPS/e administration console.

Notes:
  1. Portal server authentication has the advantage that it allows userids longer than 10 characters, the limit imposed by monitoring server authentication. It also supports SSO (single sign-on), which monitoring server authentication does not.

    On the other hand, only monitoring server-based user authentication allows userids to make SOAP Server requests or to issue CLI commands that invoke SOAP Server methods.

  2. The configuration procedures and steps for enabling IBM Tivoli Monitoring LDAP user authentication are the same for all LDAP implementations (Active Directory, Tivoli Directory Server, and so on), but the configuration values you specify will vary. These variations stem from differences within the LDAP implementations themselves. The most pronounced difference is the syntax for Distinguished Names of objects within the directory. Additionally, LDAP schema differences between implementations, and any LDAP schema customizations, have a high impact on the LDAP user authentication configuration values you provide.
  3. Although the scenarios in this chapter assume a Microsoft Active Directory version 2003 environment, these instructions and scenarios have also been verified using Active Directory V2008.

The configuration uses the information you provide to connect and bind to the targeted LDAP repository, and to query and filter records under a specified LDAP base for user authentication. The monitoring server and portal server LDAP user authentication configurations are separate operations; once completed, each can be enabled and disabled independently. Do not assume that the steps for configuring the monitoring server's LDAP user authentication translate to the portal server's LDAP user authentication, or vice versa.
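The following added example (not IBM code, and not part of the original appendix) sketches a pre-flight check for the values that feed the query and filter steps: it escapes a userid for use in a search filter, tests whether an entry's Distinguished Name falls under the configured LDAP base, and flags userids that exceed the 10-character monitoring server limit from Note 1. The function names, the sample DNs, and the choice of `sAMAccountName` as the logon attribute are assumptions; DN comparison is simplified (case-insensitive, no multi-valued RDNs or hex escapes).

```python
TEMS_USERID_MAX = 10  # monitoring server userid limit stated in Note 1


def escape_filter_value(value):
    """Escape RFC 4515 special characters so a userid cannot change the filter."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)


def split_dn(dn):
    """Split a DN into normalized 'type=value' RDNs, honoring backslash escapes."""
    rdns, current, escaped = [], "", False
    for ch in dn:
        if escaped:                 # character after a backslash is literal
            current += ch
            escaped = False
        elif ch == "\\":
            current += ch
            escaped = True
        elif ch == ",":             # unescaped comma ends one RDN
            rdns.append(current)
            current = ""
        else:
            current += ch
    rdns.append(current)
    out = []
    for rdn in rdns:
        if rdn.strip():
            attr, _, value = rdn.strip().partition("=")
            out.append(attr.strip().lower() + "=" + value.strip().lower())
    return out


def under_base(entry_dn, base_dn):
    """True when entry_dn ends with the RDN sequence of base_dn."""
    entry, base = split_dn(entry_dn), split_dn(base_dn)
    return len(entry) >= len(base) and entry[len(entry) - len(base):] == base


def preflight(userid, entry_dn, base_dn, attr="sAMAccountName"):
    """Summarize the checks for one user (attr is an assumed logon attribute)."""
    return {
        "filter": "(%s=%s)" % (attr, escape_filter_value(userid)),
        "under_base": under_base(entry_dn, base_dn),
        "tems_userid_ok": len(userid) <= TEMS_USERID_MAX,
    }


# Constructed sample values, not taken from any real directory.
SAMPLE_BASE = "dc=example,dc=com"
SAMPLE_DN = "CN=Smith\\, John,CN=Users,DC=example,DC=com"
```

A userid that fails `tems_userid_ok` can still be authenticated by the portal server, which Note 1 says allows userids longer than 10 characters.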

  • Before you begin
  • Steps
  • Active Directory LDAP verification tools
  • User scenarios

