You can configure Lightweight Directory Access Protocol (LDAP) authentication by using the post-install scripts. The connection to the LDAP server must be secure.
When you configure a user for LDAP authentication in Avaya Analytics™, you must add them to one of the following groups: Consumer, Basic, or Advanced.
Note:
When you create, and assign a name to a local user in Historical Reporting, ensure that a user of the same name does not already exist on the LDAP server.
If a local user in Historical Reporting has the same user name as an existing LDAP user, after the LDAP user logs in to Avaya Analytics™, the LDAP user's profile gets linked to the local user profile of the same name in Historical Reporting. As a result, the privileges of the LDAP user are enhanced to the same level as the privileges of the newly created local user in Historical Reporting.
After linking the LDAP user to the local user with the same name in Historical Reporting, the local user profile no longer appears in the list of Historical Reporting users, because the list cannot include users with LDAP accounts.
Procedure
Log in to the Cluster Control Manager (CCM) console as the customer user.
Switch to being the root user by entering the command su.
To run the Analytics Administration script, use the following command:
ccm release orca analytics
Select Historical Reporting by pressing the corresponding number.
Select LDAP configuration by entering the corresponding number.
In the Proceed to LDAP over SSL config? option, enter y. Entering n cancels LDAP configuration.
In the LDAP host FQDN address field, enter the host name of the LDAP server.
In the LDAP port number field, enter the port number of the LDAP.
In the LDAP user DN field, enter the distinguished name of the trusted LDAP authentication user for the LDAP repository searches.
For example, CN=test,CN=Users,DC=test,DC=TEST,DC=COM
In the LDAP password field, enter the password for the trusted LDAP authentication user.
For example, LDAP_PWD
In the LDAP server vendor name field, enter ADS.
In the LDAP authentication method field, enter BINDING.
In the LDAP search root DN field, enter the root distinguished name on the LDAP server.
For example, CN=Users,DC=test,DC=TEST,DC=COM
In the LDAP search filter user field, enter the LDAP search filter for importing users in a batch.
For example, (&(objectclass=person) (sAMAccountName=#LDAP_LOGIN#))
In the LDAP search filter group field, enter the LDAP search filter for importing groups in a batch.
For example, (&(objectclass=group) (member=#LDAP_DN))
In the basicLDAPLINK DN field, enter the input parameter for linking the Basic group to the LDAP group.
For example, CN=Basic,CN=Users,DC=test,DC=TEST,DC=COM
In the advancedLDAPLINK DN field, enter the input parameter for linking the Advanced group to the LDAP group.
For example, CN=Advanced,CN=Users,DC=test,DC=TEST,DC=COM
In the consumerLDAPLINK DN field, enter the input parameter for linking the Consumer group to the LDAP group.
For example, CN=Consumer,CN=Users,DC=test,DC=TEST,DC=COM
To confirm your settings, enter y or n.
If you enter y, the CCM console displays the message: LDAP configuration added.
By default, running this script also links LDAP to groups.
The MicroStrategy server pod restarts in 10 minutes.
If you enter n, you are returned to the beginning of the LDAP configuration prompts, allowing you to update your LDAP configuration settings.
