
How to configure user logins using AD credentials

This article provides the steps to configure the PxM Platform so that users can log in using their AD credentials.

Pre-requisites

  • LDAPS must be enabled before this feature can be used. Please see the solution article here.

Configuring Osirium

  • Within the Web Management Interface, click on System configuration in the left-hand menu.
  • Within the System configuration page, click on the Network settings tab.
  • Within the Network settings page, click on the + next to Osirium AD LDAPS configuration. Osirium AD LDAPS configuration 1 will be added.

  • Click the pen icon for Osirium AD LDAPS configuration 1.
  • Fill in the following details:

Field Name Description
Domain: Enter the full domain name of the AD LDAPS server.
Primary IP address: Enter the IP address of the AD LDAPS server.
Secondary IP address: Enter a secondary IP address of an AD LDAPS server for failover.
Tertiary IP address: Enter a tertiary IP address of an AD LDAPS server for failover.


  • Click Save.
  • Now create the Osirium user. The username must match the Active Directory username, and the user must have an Auth type of AD LDAPS. Within the Web Management Interface, click on the + icon next to Users in the left-hand menu.
  • The New user window will open.
  • Fill in the following details:

Field Name Description
Name: The display name of the user.
Username: Enter the username as displayed in the Microsoft Active Directory.
New Password: Not required
Password Again: Not required
Enabled: Default is enabled. Allows the user to log onto the ODC. Uncheck the tickbox to disable the new user account. Disabling a user account means that the user will be unable to log onto the ODC to manage Osirium, devices and run tasks. The user can still be added to profiles.
Expires: The date and time represents when the Osirium user account will be disabled. By default the user account expiry is set to Never.
Email: A valid email address is required to send notifications through email subscriptions.
Auth Type: Select AD LDAPS.
Meta-cols: Meta-columns allow you to attach many kinds of information against each user. If meta-columns exist, select the required meta-column entry.


  • Click Save.
  • The user can now log onto the ODC using their Microsoft AD Domain username and password.
NOTE:

  • Name/Username can’t have the same name as an existing user.
  • Username must adhere to the naming convention – alphanumeric (A-Z a-z 0-9), underscores or dots but must not start with an underscore.
  • When creating a control account for Osirium to manage the auth service, the user must be a domain admin, LDAPS must be enabled, and the account must be in a password known or password managed state.
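
A pre-flight check for the procedure above, added here as an example (it is not part of the original article or of Osirium's tooling): it confirms that each AD server you plan to enter accepts an LDAPS TLS handshake with a certificate that validates, and screens planned usernames against the naming rules in the notes. Assumptions: LDAPS listens on the standard port 636, the certificate carries the server's DNS name, names are compared case-sensitively, and the function names, IP addresses and usernames are constructed placeholders.

```python
import re
import socket
import ssl

# Naming rule from the article's notes: A-Z a-z 0-9, underscores or dots,
# and the first character must not be an underscore.
USERNAME_RE = re.compile(r"[A-Za-z0-9.][A-Za-z0-9._]*")


def check_usernames(planned, existing):
    """Return {username: reason} for planned users that break the notes' rules."""
    problems, taken = {}, set(existing)
    for name in planned:
        if not USERNAME_RE.fullmatch(name):
            problems[name] = "violates naming convention"
        elif name in taken:  # assumption: names are compared case-sensitively
            problems[name] = "name already in use"
        taken.add(name)
    return problems


def check_ldaps(ip, cert_name, port=636, timeout=3.0, cafile=None):
    """TLS handshake with one LDAPS server; return (ok, detail).

    cert_name is the DNS name expected in the server certificate (assumption:
    the domain controller's FQDN). cafile is the PEM bundle of the issuing CA;
    None falls back to the system trust store.
    """
    ctx = ssl.create_default_context(cafile=cafile)  # verifies chain and name
    try:
        with socket.create_connection((ip, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=cert_name) as tls:
                return True, tls.version()
    except OSError as exc:  # refused, timed out, or certificate rejected
        return False, f"{type(exc).__name__}: {exc}"


if __name__ == "__main__":
    # Constructed sample values; replace with the real servers and usernames.
    servers = {"primary": "192.0.2.10", "secondary": "192.0.2.11"}
    for role, ip in servers.items():
        print(role, ip, check_ldaps(ip, "dc01.corp.example"))
    print(check_usernames(["j.smith", "_svc", "o'neil", "admin"], ["admin"]))
```

A failed result for the secondary or tertiary address means failover would land on a server that cannot complete LDAPS, so resolve it before saving the configuration.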