Set up the SAS PCE LDAP
To authenticate users using SAS PCE, the user accounts should be present in the SAS PCE store. The user accounts are synced from AD to the SAS PCE database through Direct LDAP.
Perform the following steps to sync accounts:
- Log in to the SAS PCE admin console using an admin account (operator account).
  The SafeNet Authentication Service window is displayed.
- Click Virtual Servers > Comms > LDAP > LDAP User Source.
- Click LDAP User Source.
  The LDAP Configuration page is displayed.
- Enter the LDAP store information, and then click Next.
  The LDAP Schema page is displayed.
- Select Active Directory from the LDAP Schema drop-down list, and click Next.
  The LDAP Credentials page is displayed.
- Enter the service account credentials to import users from LDAP, and click Next.
  The Allow Local Users page is displayed.
- Check Use Local Database to allow user creation on the SAS PCE database, and click Next.
- Click Done.
Verify User Synchronization
- On the SafeNet Authentication Service window, click Virtual Servers > Assignments.
- Under Search User, click Search.
  To allow user authentication from SAS PCE, users should be provisioned first, or the operator can use Auto Provisioning on the LDAP Sync Groups.
- Provision the user accounts in bulk or selectively as follows:
  - In bulk: Check User ID to select all users, and click Provision.
  - For a selected user: Select the user, and click Provision.
- Click the Authentication Methods section.
- Select Password as the Authentication Type, and click Provision.
- This sets the Password token for the user. Click Password to allow the user to use the LDAP password.
- Select Accept LDAP/AD Password, and click Assign.
  This sends the following email to the users for self-enrollment of the required token (password here):
  Users can reset their password as follows to use it as an authentication method with SAS PCE: