Setup SPP with Active Directory
When I was playing around with a new installation of IBM Spectrum Protect Plus (SPP) I wanted to make sure we could grant access to all our engineers in a easy way and still use our centralized Microsoft Active Directory LDAP service.
So here is a quick guide how to setup SPP with Microsoft Active Directory Services.
First of all you need to create a Group in Active Directory and add the members you want to be Administrator for SPP
When that is done you can then login in to IBM Spectrum Protect Plus WebUI and open the menu on the left side and System Configuration -> LDAP / SMTP.
For Microsoft Active Directory do you need to fill out following parameters
- Host Address is the Address to one of your Active Directory Servers.
- Port and Port to your LDAP normally it is port 389
- Bind Name that is the firstname.lastname@example.org
- Password for the User
- Base DN where to search for your user accounts
- User Filter is for how you should specify the login name in SPP WebUI
- User RDN where are your users located in the Active Directory
- Group RDN where your groups are located in Active Directory.
In my case this is how our configuration look like.
Press [Save] when you are done.
Now you can add your Group that you created in your Active Directory.
On the left side click on Accounts -> User and click on the right side [+ Add User] button.
In the top you need to select LDAP Group and then under Group Name you can friendly search your new Group that you just created.
Assign role to that group, in my case that group will be SYSADMIN in SPP.
Click [Continue >] and assign resources that the group should have access to and then press [Create User]
Now try to login with your Username and password on the main SPP WebUI.
Do you want to know more please read on following link from IBM.