Remove Mapping Between Operations Hub UAA Groups and LDAP Groups

About this task

If you want to stop users from an LDAP group from using Historian Web-based Clients, you can remove the mapping between the UAA group of Historian and LDAP. If you want to stop integration between the Historian UAA and LDAP altogether, you must remove the mapping for all the groups of the UAA instance.

Procedure

  1. Double-click the UAA LDAP Tool icon on the Desktop.
    Tip: By default, this icon appears on the desktop after you install Historian Web-based Clients.
    The UAA/LDAP Connectivity Tool page appears.
  2. Select the Map Existing UAA Groups check box.
  3. In the UAA Connection section, provide values as specified in the following table.
    Box Description
    URL Enter the base URL of the LDAP server (for example,https://localhost/https://localhost). .
    Bind User DN Enter the distinguished name of the bind user (for example, cn=admin,ou=Users,dc=test,dc=com).
    User Search Filter Enter the starting point for the LDAP user search in the directory tree (for example, dc=developers,dc=com).
    User Search Base Enter the subdirectories to include in the search (for example, cn={0}).

    Group Search Filter

    		 Enter the starting point for the LDAP group search in the directory tree (for example, ou=scopes,dc=developers,dc=com).
    Client Secret Enter the subdirectories to include in the search (for example, member={0}).
  4. Select Test.
    If connection to the UAA server is established, a message appears, confirming the same.
    Box Description
    URL Enter the base URL of the LDAP server (for example, https://localhost).
    Bind User DN Enter the distinguished name of the bind user (for example, cn=admin,ou=Users,dc=test,dc=com).
    Password Enter the password for the LDAP user ID that searches the LDAP tree for user information.
    User Search Filter Enter the starting point for the LDAP user search in the directory tree (for example, dc=developers,dc=com).
    User Search Base Enter the subdirectories to include in the search (for example, cn={0}).
    Group Search Filter Enter the starting point for the LDAP group search in the directory tree (for example, ou=scopes,dc=developers,dc=com).
    Group Search Base Enter the subdirectories to include in the search (for example, member={0}).
    If connection to the LDAP server is established, a message appears, confirming the same.
  5. Select Continue.
    In the UAA Mapping section, the drop-down list box contains a list of groups in Historian UAA. In the Filter box, a list of LDAP groups appears.
  6. In the drop-down list box, select the Historian UAA group whose mapping you want to remove.
    In the Filter box, check boxes for the UAA groups that are mapped to the selected Historian UAA group are selected.
  7. In the Filter box, clear the check boxes corresponding to the LDAP groups for which you want to remove the mapping.
  8. Select Map Members.
    The mapping between the UAA groups of Historian UAA and LDAP is removed.
  9. Repeat steps 6 through 8 for all the Historian UAA groups for which you want to remove the mapping.

Results

Mapping between the UAA Groups of Historian and LDAP has been removed.