cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Dynatrace Managed LDAP and Groups

cecilia_richard
Newcomer

I have been trying to setup LDAP for a couple of days now and still not able to get users to login. When setting up the repository I even took the granulation down to just 1 (me) user and when looking at the groups, it shows the group I choose was in LDAP, but when I try to login it shows I do not below to a group(tenant in server logs). Has anyone else had similar issues setting up LDAP and if so what was done to overcome this. I have chatted with Dynatrace and best solution is to try different combinations. I also have the attribute description for both user and group and none of the combinations seem to work. Thanks for your help.

5 REPLIES 5

ChadTurner
Leader

Since your adding in LDAP, do you have the groups made in AD as well and have you assigned yourself access to that group via AD?

-Chad

So you have to use a new AD group, create a group specifically for Dynatrace ? I cannot use an existing group that I am a member of?

So thats what we had done since Dynatrace Revamped the CMC. So for example, we have two groups Dynatrace-Admin and Dynatrace-User. We added those groups into Dynatrace, and provided the access as desired (ADmin gets everything and ability to deploy oneagents etc... where the end User account gets access as needed without admin stuff like deploy oneagents, change settings and so on.)

You can use existing groups but if your keeping Dynatrace past the trail period, I would recommend setting up dedicated group(s) for Dynatrace.

-Chad

Hello Chad,

Thanks for the information. I'll get with the LDAP/AD group to get a group added.

You welcome, just an FYI - you might want to look ahead when you create the AD groups. For example, if you are going to expand the use of Dynatrace, where the Server Team will use it, the help desk, security, app dev and so on, as you will need to create ad groups for management zones as well So lets say we have Easy travel team. You might want to create a AD group for the Easy Travel team where those users will get access to the Easy Travel Management Zone and not other applications that they might not support. Same goes for Security or app dev and so on. AD groups are used to assign Management Zones (For Managed customers not SaaS customers)

-Chad