Unable to connect to Pega PRWebLDAP1 if operator account does not exist
I'm trying to configure LDAP authentication to login to Pega. I've come to a stage that I am able to login Users in the correct OU to connect to Pega via LDAP authentication, provided I have created their operator accounts.
I've created a Model User in LDAP as well as an Operator ID.
I set AuthenticationLDAPTimeout for Timeout activity and AuthenticationLDAPTimeout for Authentication activity.
How can I allow a user without an operator ID to login to Pega and take after the Model User's template?
I was going through an article on PDN with the similar use-case.It has detailed implementation information. Please read it once as well.
PRCUSTOM - For LDAP authentication (Use Externally Stored Credentials)
PRCUSTOM - For standard login for admin users. (Use Credential Stored in PegaRULES)
There is a setting on the Data-Admin-AuthService on the Custom tab for "Source of Operator Credentials" that can be set to "Use Credential Stored in PegaRULES" or "Use Externally Stored Credentials". This will allow you to separate your two authentication types while having greater control on the admin logins. The admin users can still have passwords kept in PRPC and the login activity is very simple.
Hope it help, kindly notify if it does by marking this post as answered.
"There is a setting on the Data-Admin-AuthService on the Custom tab for "Source of Operator Credentials" that can be set to "Use Credential Stored in PegaRULES" or "Use Externally Stored Credentials" -> May I know where can I find this Custom Tab in the Data-Admin-AuthService? The closest I could find was Operator ID > Security Tab > Use External Authentication.
I'm using Pega 7.3.1. In the Class Data-Admin-AuthService, I see the following tabs, as attached. Thank you.