User accounts are managed on the directory service. Users must be registered in directory service. During the setup you can choose the directory service to use.
The following services can be used as directory service
Interstage Directory Service
Active Directory
OpenLDAP
In case of using Interstage directory service with authentication by LDAP, construct the environment of Interstage directory service using the following procedure.
See
For detail, refer to the "Interstage Application Server Directory Service Operation Guide".
In addition, user information registered in directory service is effective as of either timing as below.
The timing of reading information from Directory Service that Systemwalker Runbook Automation execute regularly every 60 minutes (maximum of 60 minutes after registering information).
The timing of login using user information registered in Directory Service.
The timing of clicking Update from right click menu of User submenu in System Management tab in Web console.
Information
The user identity attribute (RDN) information on the directory server is user name used to login to Systemwalker Runbook Automation Console.
Note
The at sign ("@") cannot be used at the start of user names or group names. Only alphanumeric, hyphens, and underscores ("_") can be used in user names and group names.
The procedure that is used to set and register a user is shown below.
Create LDIF file
Settings examples:
[LDIF for user registration]
dn: uid=user1,ou=%USER%,%DOMAIN% changetype: add objectclass: inetOrgPerson objectclass: organizationalPerson objectclass: person objectclass: top cn: swrbaadmin sn: swrbaadmin givenName: swrbaadmin userPassword: systemwalker#1 uid: user1 |
[LDIF for IflowUsers group addition]
dn: cn=IflowUsers,ou=%GROUP%,%DOMAIN% changetype: modify add:member member: uid=user1,ou=%USER%,%DOMAIN% |
Replace the %-% parts in the above files according to the following replacement target list:
Replacement target list
Replacement target symbol | Settings value after replacement |
|---|---|
%DOMAIN% | Build domain name ('dc=...' format) Example: ou=interstage,o=fujitsu,dc=com Note: When performing the setup after the LDAP build, this settings value must be specified for the LDAP key name at the time of the setup. |
%USER% | Name of organizational unit (OU) used in Systemwalker Runbook Automation Example: User Note: When performing the setup after the LDAP build, ou=<%USER% settings value> must be specified for the organizational unit setting that stores the LDAP user at the time of the setup. |
%GROUP% | Name of organizational unit (OU) used in Systemwalker Runbook Automation Example: Group Note: When performing the setup after the LDAP build, ou=<%GROUP% settings value> must be specified for the organizational unit setting that stores the LDAP group at the time of the setup. |
See
Regarding the object class and attribute shown in example of setup, please refer to the " Appendix:Interstage Directory Service Object Classes List " and " Appendix:Interstage Directory Service Attributies List" in the "Interstage Application Server Directory Service Operation Guide".
Register a user in Interstage Directory Service
The example of registering entry data by using ldapmodify command and LDIF file is shown below.
Example:
DN for Administrator: cn=admin,<'dc=...' domain name of format>
Password for Administrator DN: admin
Host name of repository: Host name of Interstage Directory Service
Port Number: 389
[Windows]
ldapmodify -H ldap:// <Host name of InterstageDirectory Service>:389 -D "cn=admin,<'dc=...' domain name of format>" -w admin -a -f <LDIF file name which is created> |
[Linux]
/opt/FJSVirepc/bin/ldapmodify -H ldap:// < Host name of InterstageDirectory Service >:389 -D" cn=manager,<'dc=...' domain name of format>" -w admin -a -f <LDIF file name which is created> |
See
For more information on ldapmodify command, refer to Interstage Directory Service Operation Commands" in the "Interstage Application Server Reference Manual (Command Edition)".
