Submit a ticketCall us

Announcing NCM 7.7
With NCM 7.7, you can examine the rules that make up an access control list for a Cisco ASA device. Then you can apply filters to display only rules that meet the specified criteria, order the rules by line number or by the hit count, and much more.
See new features and improvements.

Home > Success Center > Log & Event Manager (LEM) > Create LEM Console users with domain credentials

Create LEM Console users with domain credentials

Table of contents

Overview

This article describes how to create LEM Console users by using a connection to Active Directory.

Environment

LEM 5.4.0 > 6.2.1
 

Note: Starting with LEM version 5.4, the Build > Users component of the LEM Console can authenticate a login using Microsoft Active Directory.
 

Note: LEM versions 6.3.x and later will still use the Directory Service Query Connector, but this connector will only be used to query groups for use by Rules and nDepth searches. So the reference to Configuring the Directory Service Query Connector (for LEM 6.3.x) does not apply to users logging in with AD credentials. On LEM 6.3.x and later, SSO (single sign on) will need to be configured to use AD credentials for the console login. Local user account can still be used to login to LEM if it has not been disabled during the SSO configuration.

Steps:

Create a LEM Console user from an Active Directory user:

  1. Open your LEM GUI Console and authenticate to your LEM appliance.
  2. Configure the Directory Service Query connector on your LEM appliance if you have not done so. For additional information, see Set up Active Directory authentication in LEM 6.3.0 and older.
  3. Click the Build tab, and then select Users.
  4. Click the plus icon, and then select Directory Service User.
  5. Select the Organizational Unit and Group where you want to add the user.
  6. Select the user you want to add from the Available Users column, and then click Select User.
  7. Select a LEM role in the User Information form. Click View Role to see details about each role.
  8. Enter a user description if you want. If you change the Description field, your changes only apply to the LEM user account and not to the Active Directory account.
  9. Click Save.

Create LEM Console users from an Active Directory group:

  1. Open your LEM Console and authenticate to your LEM appliance.
  2. Configure the Directory Service Query connector on your LEM appliance if you have not done so. For additional information, see Set up Active Directory authentication in LEM 6.3.0 and older.
  3. Click the Build tab, and then select Users.
  4. Click the plus icon, and then select Directory Service Group.
  5. Select the Organizational Unit where you want to add the group.
  6. Select the group you want to add from the Available Groups column, and then click Select Group.
  7. Select a LEM role in the User Information form. Click View Role to see details about each role.
    Note: If you want members of this group to have different LEM user roles, change their roles individually after you complete this procedure.
  8. Enter a description for these users if you want. If you change the Description field, your changes only apply to the LEM user accounts and not to the Active Directory accounts.
  9. Click Save.

 

Last modified
09:24, 22 Jun 2017

Tags

Classifications

Public