This content has been marked as final. Show 2 replies
AD setup with external roles is used by multiple customers.
The following section in the Adminstrators Guide describes how to enable external AD authentication for EMGC users
There are step-by-step instructions for configuring AD based authentication. Please make sure all these steps are followed.
There are couple of places where we have seen issues with this integration
- The role name in EM should be uppercase and should match exactly the name of the group.
- The group base dn for AD authenticator configured needs to lookup for the groups in the right level.
(this can be verified by accessing the Admin Console and verifying that groups are properly being listed).
Thank you for the response. Thats exactly the same document that I used for reference and set up AD with EM 12c.
The external ROLE has been set up the SAME way as the AD GROUP & in upper case. There are about 5 users in the AD GROUP. Not ALL 5 users have logged in to OEM. So they dont show up as users. Couple of users who have logged in, Are unable to see the targets though I had given the GROUP privileges to VIEW ALL TARGETS. I even tried giving ADMIN privileges just to make sure the AD GROUP and External ROLE works. THe user CANNOT see anything.
As for the GROUP DN -> If I had not set it right, I wont be able to see the groups right?
Anything else to check for?