You can use an Active Directory Global Catalog as a user store. The following process lists the steps for creating the user store connection to the Policy Server:
Pinging the user store system verifies that a network connection exists between the Policy Server and the user directory or database.
Note: Some user store systems may require the Policy Server to present credentials.
You can configure a user directory connection that lets the Policy Server communicate with an Active Directory Global Catalog user store.
The Policy Server user store supports the Global Catalog Support feature in Active Directory. However, CA SiteMinder® features that require writing to Active Directory, such as Password Services, are not supported, because Global Catalog does not support writes to Active Directory.
Follow these steps:
Objects related to user directories appear on the left.
The User Directories screen appears.
The Create User Directory screen appears and displays the required settings to configure an LDAP connection.
Note: Click Help for descriptions of settings and controls, including their respective requirements and limits.
Note: If the Policy Server is operating in FIPS mode and the directory connection is to use a secure SSL connection when communicating with the Policy Server, the certificates used by the Policy Server and the directory store must be FIPS compliant.
Note: More information about load balancing and failover, see LDAP Load Balancing and Failover.
The user directory connection is created.
Copyright © 2013 CA.
All rights reserved.
|
|