Configuring LDAP authentication
You can configure your Lightweight Directory Access Protocol (LDAP) connection to use the service that provides authentication, role-based access control, and user management for IBM Security QRadar® Suite Software.
Understand the information in Users and accounts and in User access, roles, and permissions.
Before installation, you select a value for the initial user of QRadar Suite Software that is set in the adminUser parameter.
The initial user and all other users that you are planning to add to QRadar Suite Software must have an email address in the LDAP directory. The email address must be stored in the mail attribute. If you add a user with no email address, the user might experience issues when they try to access QRadar Suite Software applications.
QRadar Suite Software uses the Identity and Access Management service of IBM Cloud Pak® foundational services. When your LDAP connection is configured, you can select users from your corporate enterprise environment and add them as QRadar Suite Software users.
Install Red Hat OpenShift CLI 4.12 or later
The Red Hat® OpenShift® CLI client helps you develop, build, deploy, and run your applications on any Red Hat OpenShift or Kubernetes cluster. It also includes the administrative commands for managing a cluster under the adm subcommand.
Procedure
Install Cloud Pak CLI 3.23.1 or later
Procedure
Retrieving the login credentials for foundational services
Before you configure your connection, you need the credentials for IBM Cloud Pak foundational services.
Procedure
Configuring your LDAP connection
Configure and connect an LDAP directory by accessing the foundational services cluster console.
Procedure
What to do next
Verify the LDAP connection as the initial identity provider by logging in as the initial user to QRadar Suite Software.
Any subsequent LDAP connection that you configure can be verified by assigning it to a QRadar Suite Software account and adding users that exist in the LDAP directory.