Datapower RBM Active Directory Members

When you want to enable Active Directory Login with Datapower and your members are part of a Group you need to add the following to your LDAP Search Credintials:

Name:                ldapsearch

LDAP Base DN:        ou=groups,dc=ibm,dc=com

LDAP Filter Prefix:  (&(member=

LDAP Filter Suffix:  )(|(cn=administrators)(cn=architects)(cn=operations)))

Datapower Active Directory RBM Authentication

Below is good resources on setting up Datapower Active Directory for login into a Datapower Appliance:

http://asimsaddal.sys-con.com/node/1103557/mobile

Below is my version on setting up Active Directory for Datapower and it works:

Step 1: Navigate to Administration -> RBM Settings

Step 2: Make sure your Main page looks like the following:

Step 3: Navigate to the Authentication Tab

Specify your Active Directory Server Host, Port Number (default 389), LDAP version and enable Search LDAP for DN

Your Bind DN will look something like:

CN=,OU=Application Specific Resources,OU=Enterprise Configuration & Resources,DC=,DC=,DC=

Note: Set Local Login as Fallback to login to your appliance. This is for when LDAP fails you still have access to the appliance.

Your LDAP Search Parameter will looks like follows:

Your LDAP Base DN will look something like:

OU=User Accounts,DC=,DC=,DC=

Step 4: Navigate to the Credentials Tab and select Mapping Credentials Method -> xmlfile

Disable: Search LDAP for Group Name

Create a new RBM Policy URL by clicking on the + . Navigate to the wizard till u get to: Access Profile Mapping.

Your Credential Name will look something like: OU=User,OU=Business Unit,OU=User Account,DC=,DC=,DC=