This topic shows you how to specify an External Security Manager (ESM).
To specify an External Security Manager and add it to the security managers list used in the
Security Facility Configuration tab:
- In the menu bar, click
Security.
- In the navigation tab, click
Security Managers.
- Click
+ Add.
This opens the
External Security Manager Configuration dialog box.
- Ensure
Enabled is checked.
- In the
Name field, type the name of your security manager.
Note: This is the name that will be displayed in the navigation tree.
- In the
Module field, type the name of the security manager to use. If you are integrating with an LDAP you can use the mldap_esm with both
Microsoft Active Directory or OpenLDAP.
- In the
Connection Path field, type the hostname or IP address and port number of the security manager being connected to. For example
ad-host:389.
- In the
Description field, type a description of the security manager.
- In
Authorized ID field, type the DN of a user with appropriate permissions for the security manager. For example,
CN=Administrator,CN=users,DC=somecorp,DC=com.
- In the
Password field, type the password for the user specified in the
Authorized ID field.
- In the
Description, type a description that can identify the use of the security manager.
- In the
Configuration Information field, type the required configuration options. See
Configuring mldap_esm Security Manager for an LDAP for more information.
- By default, the
Cache Limit and
Cache TTL fields are set to 1024 kB and 600 seconds respectively. Currently, only the MLDAP ESM Module makes use of these settings.
See
MLDAP ESM Module Caching for more information.
- Click
Save.
This adds the specified security facility to the
Defined External Security Managers list.
- To add the specified external security manager to the
ESCWA Configuration in the
Security Managers in list, click
ESCWA Configuration in the navigation pane, and then click
+ Add.
This opens the
Defined External Security Managers dialog box.
- Check the external security managers that you want to add to the security managers list.
- Click
Select.
Note: You can use the
Micro Focus Vault Facility to store a secret for the
Authorized ID and
Password fields. These fields can be specified using the forms:
mfsecret:configuration-name:secret-path
or:
mfsecret::secret-path
or:
mfsecret:secret-path