Our customer has integrated SPECTRUM with EEM for SSO. He wants to run some scripts with "service users" which are defined outside LDAP/Active Directory.
As per TEC523200, it's possible to add some "local" users in EEM beside those coming from Active Directory :
"There are two options here, either add additional users to EEM for the non-LDAP integration or disable Single Sign-On in Spectrum Web Administration. "
Is this possible somehow to add local "service users" in EEM in addition to the Active Directory integration?
I had hoped that I first could add some "service users" manually / locally in EEM (or delete the AD integration temporarily) and later configure the AD integration and than would have both types of users available. However I cannot find a way to do this and it seems that at any time only one type of users is "known" in EEM, either local users OR AD users - but never both types? Is this correct?
Once the LDAP (Active Directory) connection is made within EEM, you can not add users manually.
When the EEM -> Active Directory connection is established, EEM reads the information from Active Directory, so whatever is in Active Directory will be displayed in EEM.
Now if the Service Accounts in question are in Active Directory, and within the same BaseDN (the OU/Container) which was used to establish the EEM -> Active Directory connection, then those Service Accounts will also show up in EEM, within ‘Managed Identities’.