Integrating IAS with external directory servers

You can set up external authentication servers for both database and platform users.

Note:
  1. It is not possible to log in to the Web console as the AD user with multi-value RDN. For RDN, the UI is currently not supported. It is supported from the backend, so you must run the configure_user_management command from the backend.
  2. Once the configure_user_management command completes successfully, you must restart the Web console by running ap apps restart WebConsole.

    When switching to AD using configure_user_management with --type ad-ldap multi-value RDN, you are not able to connect to the database from the backend or the Web console. Only the --type ldap option is supported.

Currently the appliance supports any directory server that supports one of the following protocols:

The appliance administrator can use either the same or different directory servers and settings for database and platform user authentication, as appropriate. However, even if you use the same server, different configuration steps apply for setting it up for database users and for platform users.

External directory server for database users

Note:

The following links describe external directory server configuration for database users in a standalone Db2® Warehouse product. In IAS, you can't run docker exec -it Db2wh configure_user_management commands. Instead, you can use either the web console Settings > External User Management, or the apsetup interactive script from the command line (1: General Appliance Settings > 2: User Settings > 4: External LDAP Settings).

Detailed steps for configuring an external LDAP server for database users can be found in Setting up an external LDAP server for Db2 Warehouse.

For guidance on configuring Microsoft Active Directory server for database users, see Setting up a Microsoft Active Directory server for Db2 Warehouse.

External directory server for platform users

The appliance administrator can configure the Integrated Analytics System to support user logins authenticated through an external directory server in their organization. Once configured, the appliance acts as the LDAP client to the organization's LDAP server. The following sections describe the configuration steps in detail.