Gathering Provider Group Information

Production environments rely on a production-grade security provider (commonly an LDAP directory) to authenticate administrators. To map the SUP default logical roles to the corresponding physical roles in the security provider, you must understand how the provider organizes users into groups.

Consider which users need to be in the SUP Administrator, SUP Domain Administrator, and SUP Helpdesk roles, then identify or create groups in your provider that corresponding to these roles.
Note: If you have installed an earlier version of Unwired Platform as part of a development deployment, you may have an OpenDS LDAP server running in your environment, and both Unwired Platform and Sybase Control Center may be using this directory. Sybase no longer uses this directory and strongly encourages you to use a different LDAP directory.
  1. Evaluate existing groups.
    If there are existing groups that seem to already contain the right subjects that correspond to SUP Administrator, SUP Domain Administrator, and SUP Helpdesk platform roles, you can use those groups. The names need not be exact, as you can map them in Sybase Control Center to address any differences.
  2. If no sufficient group exists, add them for Unwired Platform.
  3. Add subjects to these groups to assign Unwired Platform corresponding permissions.
  4. Determine what values are needed for the login module properties in Unwired Platform.
    For example, for an LDAP login module you need values for the providerURL, serverType, bind user, bind password, search base and so on.
Parent topic: Mapping Unwired Platform Logical Roles to Physical Roles