I’ll give a quick demo on doing LDAP integration from the ACM. Now, this is a 2.7.2 system. It's the most current one out and will integrate with everything.
So, what you want to do is scroll down to "General Settings". Go over to the gear icon, and you go up to configure LDAP settings. And then you have a box to configure what you need.
Now, we’re going to do "Secure LDAP" so we need to check this box, which changes your port and gives you a chance to pull in the certificate.
In this case, it’s an Active Directory server I'm going to be using. This is the server’s hostname. This is the user I'm going to log in with and the admin group is "dp_admin".
I’m going to pull in the certificate, which I've downloaded previously on here. The "Domain," and the "Domain" does need to be in this format, dc=,dc= and the two parts of the domain, or three or however many you had, the "dc" has to be lowercase, by the way, in here, otherwise it will cause issues.
I'm going to put in the "password" for this user. And then once you've filled in all the figures, you’re going to hit the "Validate" button for it to validate that your configuration is good.
And I got a green checkmark. Don’t worry about the red stars next to these two. You have a "Submit" button, so at this point in time I'm going to submit this, so the workflow can begin, the workflow we've already discussed, and run through.
I’m getting an error, and I'll discuss that with you here in just a minute. We’ll let it run through the rest of the workflow and get everything configured for us.
As you can see, it said it’s "Failed" on "Protection Software", which sets the Avamar software inside our stack. There was "Rest API execution failed".
Once again, I'll show you what the issue is, and troubleshooting that issue. And once it’s finished, if there are any failures, it gives you an "Error: 1," and you notice it gives a pop-up of what’s there, of what failed.
It’s also the same thing that’s in here, you have an option to "Retry," or you can manually do this. In this case, what I’m going to do is, I'm just going to click "Finish" and let this complete.
And it is going to refresh the screens. And what you'll see up here is you can see it says Failed to configure LDAP settings on Protection Storage.
And once it fully comes up, you’ll see that'll be on there. It takes a couple of minutes for it to refresh the dashboard on the ACM. And that is a link.
You can see it says "Click here to retry". So once this finishes spinning, you’ll be able to click that link, and it will let you retry the LDAP configuration for that one component.
And it'll show you the others already configured, and it’ll try that one. In our case, it's going to fail again. While this screen is refreshing, so we’re not wasting a lot of time, let me go ahead and bring up this.
Just on the wrong screen, sorry. This is the Java client, the thick client for the "Avamar". You can’t do this from AUI that I know of. What I’ve done is I’ve gone into the "Administration" and then the "LDAP Management" and then if I come in here to this "Directory Service", which is going to pop everything up on the wrong screen today, I can tell it that I want to add a "Directory Service".
And in our case, this is the server I want to add on here, and I want to click "Add". It’s going to say are you sure you want to do this? I say "Yes," and then I'm going to get in there.
Discovering KDC domain dc.x400.sh. Alright, let’s review the status of the files, how does it look, what’s the completion of the workflow. Log in to "ACM" and traverse to the "config directory".
And you can list the two LDAP files here. There you go, you have LDAP config and integration status files. Let’s review the "ldapconfigure.xml" file first.
And there you go, this is how it looks. You have the Active Directory server "HostName", the "BaseDN," "ldapQueryUsername", the "GroupName dp_admin".
It’s an "AD" type, and 636 is the port. Now, let’s review the "IntegrationStatus" file. We know integration failed on the "Protection Software", or "Avamar", so let’s review the state. Overall, the status integration failed.
It shows "Integrated" for "ACM," "DP Search", DPC Data Domain, "DPA".
