Map LDAP Groups with Historian UAA
Before you begin
- Ensure that you have set up an LDAP server. For Historian, it is a Windows domain controller or an Active Directory server.
- On your domain (or Active Directory), create users and groups. For the Historian UAA server to allow users to log in, you must identify an attribute in the LDAP schema that you can use as the username for Historian. This attribute is used to uniquely identify each user. In addition, since Historian usernames do not contain a space, values of this attribute must not contain a space either. Tip: Typically, the
sAMAccountName
anduserPrincipalName
attributes in LDAP meet these conditions, supported by Windows Active Directory. By default, thesAMAccountName
attribute is used in the search filter, but you can change it while installing Historian.
About this task
If you want LDAP users to use web-based clients, you must map the corresponding UAA groups with a Historian UAA group, which is created using web-based clients installation. If you want to use LDAP via SSL, refer to Map LDAPS (LDAP via SSL) Groups with Historian UAA.
Even if you have mapped LDAP groups in an older version of Historian, you must map the groups again as described in this topic.