Pega Integration with AD
Hi,
I just created an authentication service to connect Pega to Active Directory, but i dont find any official documentation to the next steps.
1) How can i do the role mapping on Pega? I have some groups in AD to match Pega roles, like "Pega-Admin" to Administrator, etc
2) I choosed the default WebLDAP1 servlet. How can i test the login with AD user? I just need to access to $PEGA_URL/prweb/WebLDAP1 ?
***Edited by Moderator Marissa to update platform capability tags****
Hi,
Thanks for your answer. I'm using Pega 8.1.
I already was able to connect to AD, creating a custom Authentication Service. Though, i was not able to map the groups with my Pega roles.
Hi,
Please find below document for LDAP configuration.
Thanks,
Kranthi
Thanks, i will check your document.
What version of PRPC are you using? If you're on Pega Platform 7.5+ you should look at using SAML authentication with Active Directory Federated Services (ADFS).
If your using WebLDAP1 AuthService you should be using the PRWebLDAP1 servlet so your url would be $PEGA_URL/prweb/PRWebLDAP1.
Assuming you used the wizard for creating your AuthService you will need to make modifications to AuthenticationLDAPWebVerifyCredentials activity for customizing the user roles based on AD roles.
In PRPC Roles are defined in AccessGroups and you don't want to create a new AccessGroup for each user based off the users AD roles. Instead create the AccessGroups in PRPC that match combinations of AD roles. In the AuthenticationLDAPWebVerifyCredentials activity add logic that determines what AccessGroup should be used to based on the users AD roles. Use a property-set set step on the "Opertator" page, the page being returned for the user, and map the following two properties:
pyAccessGroup <-- This sets the default
pyAccessGroupAdditional <-- List property as you can have more than one.
Hope this helps get you started.