Exercise 2 | Configuring FME Server for Active Directory (LDAP) |
Data | N/A |
Overall Goal | Connect FME Server to an existing Active Directory service |
Demonstrates | Configuring Active Directory in FME Server, Importing Users and Groups |
This exercise is for demonstration purposes only |
This lab requires a Windows domain controller to be present and available to connect to from the FME Server system. The training environment being used today does not have access to a domain controller. The following steps and video are presented as a guide for configuring the typical active directory to work with FME Server. It does not cover all possible configurations that may be required for your particular active directory.
Sister Intuitive says... |
Due to security requirements and restrictions it is not possible to complete this exercise. Instead, please watch this video demonstrating the exercise. |
1) Connect to FME Server
Open the FME Server web interface, either through the web interface option on the Windows Start Menu or directly in your web browser http://**<your fmeserver host>**/fmeserver, and log in with an admin account.
Click Security, under the Admin heading on the left sidebar, and then select Active Directory.
2) Create Connection to Active Directory
By creating a new connection, you can incorporate your organization’s Active Directory users and groups into your FME Server security configuration.
To get started, select New to open the Create New Server Connection page.
Enter the following information:
- Name: FME Active Directory
- Host: dc.fme.com
- Port: 389
- Search Account Name: DC\Administrator
- Search Account Password: dcAdmin2017
Click OK to save the new Active Directory connection. You will be returned to the Active Directory page. Wait for the Status to change from Yellow to Green, indicating that the connection is successful.
3) Import Users
Now that the connection is established, select the Import Users icon to add users from the Active Directory connection.
On the Browse Users page, type in mvector and press Enter. Select Miss Vector's user and click Import.
A notification will appear in the top right of the web browser window to indicate that the user was successfully imported.
Note: If Miss Vector belonged to any Active Directory groups, we could have instead imported that as an FME Server Role – and all users that are a member of would be imported automatically.
TIP: Import Error |
When importing users from Active Directory you may encounter this message.
This is because a username of the same value already exists in the SYSTEM users.
It is recommended that you remove the SYSTEM user account, and reimport the Active Directory user. This error can also occur if you are importing users from a second domain that contains a same named user as the first domain. In this case it will be necessary to provide a different username on this dialog to represent the user from the second domain. NOTE: FME Server creates an alias for the imported usernames and this is linked to the user account in the Active Directory. |
4) Configure User Permissions
After the Active Directory user is imported to FME Server, you must configure the permissions.
Select Security > Users under the Admin heading on the left sidebar of the FME Server web interface. Click on the Miss Vector user that was just created to open the Edit User page.
Click in the text box area for Assigned Security Roles and select fmeauthor. Notice all the inherited permissions from the fmeauthor Role that are now selected.
Select OK at the bottom to apply the changes.
5) Test the New User Account
Test that the import and assigning permissions was successful by logging into FME Server as Miss Vector.
Either logout of the admin account or open a new private browsing window, and login using the credentials below:
- Username: mvector
- Password: dcFME2017
CONGRATULATIONS! |
By completing this exercise you have learned how to:
|