How to configure AD to search user info from our company AD?

Hi,

Who can help share us a guide how to configure AD to allow search User info from our company AD? Our WebMethods is 10.3 version.

We want to create ROLE and assign AD userID to these ROLE to help assign user TASK of BPM.

thanks

Hi,

please have a look at the MWS Administration Guide.

You will have to configure an additional Directory Service in MWS to point to your AD.

After that configure a static Role in your internal system directory service and than add your users from the AD-DirectoryService as member of the role.

Grant this Role the right to view the User Task UI under PermissionsManagement in Portal Admin of MWS (i.e. user sysadmin).
You can specify Skin and Shell Rules if you want the UI to match your company CI/CD requirements and StartPage-Rule if the users should be redirected to a specific page after login.

Regards,
Holger

Hi,

To configure the Directory Service to connect to your AD you will need (ask your sysadmin):

  • the credentials to a technical account with enough permissions to make an LDAP query ;
  • install your AD’s certificates in the MWS truststore;
  • where is the base branch in the AD tree were your find your users and your groups;
  • any particular filter you want to apply, to further restrict the users and groups allowed to login into your MWS.

Once this is set, you will find your AD users when you search for them while adding members to a static role (at the very least, the should belong to the “My webMethods Users” role).

If your users have any particular AD property (a specific attribute value, they belong to a specific AD group, etc) you may wish to create a dynamic LDAP query role for them (and then add that role as a member of the “My webMethods Users” role). I use http://ldapadmin.org to debug my LDAP queries.

Once your users belong to a role (static or dynamic) you can assign permissions to that role, as Holger described.