Configure authentication settings
You can configure OnCommand Workflow Automation (WFA) to use a Microsoft Active Directory (AD) Lightweight Directory Access Protocol (LDAP) server for authentication and authorization.
What you'll need
You must have configured a Microsoft AD LDAP server in your environment.
About this task
Only Microsoft AD LDAP authentication is supported for WFA. You cannot use any other LDAP authentication methods, including Microsoft AD Lightweight Directory Services (AD LDS) or Microsoft Global Catalog.
During communication, LDAP sends the user name and password in plain text. However, LDAPS (LDAP secure) communication is encrypted and secure. |
-
Log in to WFA through a web browser as an admin.
-
Click Settings, and under Setup click Authentication.
-
Select the Enable Active Directory check box.
-
Enter the required information in the fields:
-
Optional: If you want to use the user@domain format for domain users, replace
sAMAccountName
withuserPrincipalName
in the User name attribute field. -
Optional: If unique values are required for your environment, edit the required fields.
-
Enter the AD server URI as follows:
Example:ldap://active_directory_server_address\[:port\]
ldap://NB-T01.example.com[:389]
If you have enabled LDAP over SSL, you can use the following URI format:
ldaps://active_directory_server_address\[:port\]
-
Add a list of AD group names the required roles.
You can add a list of AD group names to the required roles in the Active Directory Groups Window.
-
-
Click Save.