Setting up LDAP in OpenManage Enterprise

Hi Eric,

Sounds like you are using LDAP directory type based on the options listed. Attributes of User Login defines what attribute in the directory holds the user information. For instance in AD distinguishedName provides the fill distinguished name of the user. Example: CN=OMEnt Test,OU=Service Accounts,OU=Resources,DC=domain,DC=local. AD uses sAMAccountName attribute for the user login, but other directory services like OpeNLDAP might use something different. Example: sAMAccountName = admin_user. Other user attributes could be userPrincipleName which has the following format – user_name@domain.local. This is the same for Attribute of Group – which attribute is used by the directory to fetch groups and memberships. While these settings are not required, if the directory being integrated into OM Enterprise uses custom or non-default attributes these would need to be specified. Search filter is also an optional setting.

Re Importing Users: This is a GUI issue. The ‘Import Directory Users’ button is improperly labeled. You are actually importing groups. This will be fixed for the next version of OM Enterprise.

Re "Already exists": If the group name is Admin, they might not be able to import that group since a user of the same name exists already. I would have them test setting up a new group, for example: oment_admins – or something like that to see if the group can then be added.

Hope this helps,

Rob

p.s. May need a support ticket to sort out some of the finer points.

I'll put the phone number here, but I need to enter it in a goofy format since this forum software strips out a lot of numbers.

8-0-0-9-4-5-3-3-5-5

 

 

 

linking this related post FYI

https://www.dell.com/community/Dell-OpenManage-Enterprise/How-do-I-setup-LDAP-auth/m-p/5919978#M196

 

Hi.

I appreciate your response, but I do not understand it.

Attributes of User Login defines what attribute in the directory holds the user information. For instance in AD distinguishedName provides the fill distinguished name of the user.

What information is OME looking for, that I need to provide the attribute?  What is OME expecting to find as the value of the attribute I provide here?

This is the same for Attribute of Group – which attribute is used by the directory to fetch groups and memberships.

What information is OME looking for, that I need to provide the attribute?  Which attribute is used by the directory to fetch groups and memberships?  As far as I can determine, group-memberships are not attributes of the user object; usernames are contained in an attribute of the group object(s) to which the user belongs.  What is OME expecting to find as the value of the attribute I provide here?

While these settings are not required, if the directory being integrated into OM Enterprise uses custom or non-default attributes these would need to be specified.

What are the "default" attributes?  How would I know if my attributes are custom and need to be supplied?

Search filter is also an optional setting.

What does the Search Filter specify, and why would OME need me to provide one? What does OME expect to be matched by this Search Filter?

The ‘Import Directory Users’ button is improperly labeled. You are actually importing groups

Why, when I import a group, does OME instead create a single user account with the name of the supplied group as the username?  Are all of my users supposed to log in with a single account named for the group?  What is the password for this account?

have you been able to get this to work? 

I am trying to configure this as well right now and seeing the same results as you. 

No, we never got it working. For now, we have given up on OpenManage Enterprise.