Configuring an Authentication Module to Login Through Active Directory

To Configure an Authentication Module to Login Through Active Directory

1. In the OpenSSO Administration Console, click realm for which you want to add the new authentication chain.

2. Click the Authentication tab.

3. Create a new module instance with the following data:

   • Primary Active Directory server: ADServer:ADServerPort

   • DN to Start User Search: dc=example,dc=com

   • DN for Root User Bind: cn=Administrator,cn=users,dc=RootUser,dc=com

   • Password for Root User Bind: AdministratorPassword

   • Attribute Used to Retrieve User Profile: sAMAccountName

   • Attributes Used to Search for a User to be Authenticated: sAMAccountName

   • Search Scope: SUBTREE

4. Create a new Authentication chaining instance:

   1. Add a new instance for the authentication instance created in the previous step.

   2. Set the criteria to Sufficient.

5. Change Default Authentication Chain to the new authentication chain you just created.

6. Click Save.

Next Steps

To login using Active Directory for authentication, specify the following URL:

http://YourAccessManagerServer:port/amserver/UI/login?org=YourRealmName