

LDAP Authentication

In a Microsoft Windows environment, LDAP authentication is supported in a single domain only; it is not supported across multiple trusted domains.

Secure communication between a CA Harvest SCM LDAP client (a product remote agent or server) and an LDAP server is supported with Transport Layer Security (TLS) and Secure Sockets Layer (SSL) and requires the use of certificates.

Users are the only type of external identity used by the product. User groups defined in the external authentication servers are not used by the product. The product recognizes only the user groups and user group memberships that are created and maintained in the product.

When external authentication is enabled, users cannot access the product unless they are defined with the same user name in both the product and the external authentication server. Therefore, after enabling external authentication, administrators must add or rename user names in the product to match the corresponding user names in the authentication server. When external authentication is enabled, any user name not defined in the external authentication server cannot access the product.
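
A pre-flight check for the name-matching requirement above, as an added example (not part of the product documentation or of CA Harvest SCM): it compares product user names against an LDIF export of the directory and reports which names match, which need renaming, and which have no directory entry. Assumptions: the login attribute is `uid`, the product user list is available as plain names, and names must match exactly, so case-only differences are reported as rename candidates.

```python
import base64

# Constructed sample inputs (not from a real directory or product export).
SAMPLE_LDIF = """\
dn: uid=alice,ou=people,dc=example,dc=com
uid: alice

dn: uid=BSmith,ou=people,dc=example,dc=com
uid: BSmith

dn: uid=jose,ou=people,dc=example,dc=com
uid:: Sm9zw6k=

dn: uid=release_engineer,ou=people,dc=example,dc=com
uid: release_
 engineer
"""
SAMPLE_PRODUCT_USERS = ["alice", "bsmith", "Jos\u00e9", "local_admin"]

def ldif_values(ldif_text, attr="uid"):
    """Values of `attr` in LDIF text; handles folded lines and base64 ('::') values."""
    logical = []
    for raw in ldif_text.splitlines():
        if raw.startswith(" ") and logical:
            logical[-1] += raw[1:]            # RFC 2849 folding: drop the one leading space
        else:
            logical.append(raw)
    prefix, values = attr.lower() + ":", []
    for line in logical:
        if line.lower().startswith(prefix):
            rest = line[len(prefix):]
            is_b64 = rest.startswith(":")     # "attr:: <base64 of UTF-8 value>"
            values.append(base64.b64decode(rest[1:].strip()).decode("utf-8")
                          if is_b64 else rest.strip())
    return values

def reconcile(product_users, directory_users):
    """Classify product user names against directory names (exact match assumed required)."""
    exact = set(directory_users)
    folded = {name.casefold(): name for name in directory_users}
    report = {"ok": [], "rename": [], "no_directory_entry": []}
    for name in product_users:
        if name in exact:
            report["ok"].append(name)
        elif name.casefold() in folded:       # differs only by case: rename candidate
            report["rename"].append((name, folded[name.casefold()]))
        else:                                 # cannot access the product once enabled
            report["no_directory_entry"].append(name)
    matched = set(report["ok"]) | {new for _, new in report["rename"]}
    report["directory_only"] = sorted(exact - matched)
    return report
```

Calling `reconcile(SAMPLE_PRODUCT_USERS, ldif_values(SAMPLE_LDIF))` on the constructed data lists `bsmith` as a rename candidate for `BSmith` and `local_admin` as having no directory entry.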