IBM Support

Enable LDAP authentication in RTM

Question & Answer


Question

How to enable LDAP authentication in RTM ?

Answer


1. Login RTM server with admin username and password via Web Gui.

2. Go to Console > Configuration > Settings > Authentication

Select “LDAP Authentication” for Authentication Method

Put the LDAP server IP address or hostname under Server (highlighted in yellow).

3. Fill the “Distinguished Name” ,Group Distinguished Name” and “Search Base” under the highlighted area and save it.

Contact the Network Administrator for the details.

Below is the example to fill out :

Distinguished Name (DN): uid=<username>,ou=people,dc=lab,dc=xyz,dc=com

Group Distinguished Name: ou=people,dc=lab,dc=xyz,dc=com

Search Base: ou=people,dc=lab,dc=xyz,dc=com

4. Logout. Select LDAP option and login using LDAP account.

Note:

1. Group Distinguished Name (DN) is reuired, only if "Require Group Membership" is checked.

2. Search base is not required , when "No Searching" mode is selected.

3. Required fields are LDAP general settings.

4. Please check if the LDAP TCP/UDP port, 389, is open through firewall.

If RTM still can't reach LDAP server, follow the below troubleshooting steps :

1. Check your host's ldap.conf for proper information :

# cat /etc/openldap/ldap.conf

LS_CACERTDIR /etc/openldap/cacerts


URI ldap://server1.lab.xyz.com/ ldap://server2.lab.xyz.com/
BASE dc=lab,dc=xyz,dc=com

2. Clear browser cache and restart the browser.

3. Check ldap connectivity via command line, if the host is able to reach ldap server. If it runs, compare the content of the file with the settings in the GUI.

# ldapsearch -h server1.lab.xyz.com -p 389 -x -b "dc=lab,dc=xyz,dc=com"

where server1.lab.xyz.com is the ldap server

4. New LDAP Users have problem accessing RTM. While trying to log in, if the following error is seen:
"Error: Access Denied, please contact you Cacti Administrator."
The User Template should be set for the new users (guest by default). It should not be set to "No User".


Restart the browser and try to log in again.

5. Check the cacti logs for hints if LDAP users still unable to log in.

[{"Product":{"code":"SSVMSD","label":"Platform RTM"},"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Component":"--","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"9.1.2;9.1.3","Edition":"Standard","Line of Business":{"code":"","label":""}},{"Product":{"code":"SSZT2D","label":"IBM Spectrum LSF RTM"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":" ","Platform":[{"code":"","label":""}],"Version":"","Edition":"","Line of Business":{"code":"LOB10","label":"Data and AI"}},{"Product":{"code":"SSZT2D","label":"IBM Spectrum LSF RTM"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":" ","Platform":[{"code":"","label":""}],"Version":"","Edition":"","Line of Business":{"code":"LOB10","label":"Data and AI"}}]

Document Information

Modified date:
17 June 2018

UID

isg3T1022305

Page Feedback