If you have setup Maximo to use LDAP authentication and you try to go into the Users application and try to create a new record, you will get this error message: “You are using app server security, therefore you cannot call this method”.
So what are the reasons for wanting to create a user in Maximo? First, you may not want to use LDAPSync to synchronize your users from the LDAP directory to Maximo, or maybe you just haven’t set it up yet. Maybe you want more control over what users are stored in Maximo.
Well, there is a way to get around this by setting this property to false:
mxe.LDAPUserMgmt=0
You have to set this in your maximo.properties file for both Maximo 6 and 7. You cannot do this within the ‘System Properties’ application and do a live refresh. It won’t allow you to.
What about the pwd?
If you are using LDAP, your AD should handle that. This is just to add a new user in Maximo.
I know, but what I mean is that, with your suggestion you CAN add a new user but you CAN’T login with it because you can’t set it’s pwd.
yes, this is just for user creation. Pwd is used from ldap, as authentication is still ldap. This property just switches off the sync part.
yes, this is just for user creation. Pwd is used from ldap, as authentication is still ldap. This property just switches off the sync part.
I believe the purpose of creating a new user to use that profile locally in Maximo for testing and verify new change under that user profile. According to your solution, there is no option to set-up PASWORD then why creating new user? What is a sense to create user who is not able to log-in.
Is there any way to create new user which is not exist in AD/ldap to just use for testing purpose. I mean log-in as new user in Maximo with user/pass created without AD to test any changes made under that user profile?
Thanks, any suggestion? looking for your feedback
This method is working well for us. We don’t have thousands nor ten thousands of users… just a few hundred and we only add a few employees, if that, per month. Setting up LDAPSYNC was not all the effort and troubleshooting we had to endure.
When I delete a user in ad it not get deactivated in maximo how will i write a cron task for it .
What is the process for new USER creation when using LDAP? If a person, who does not have a user record, attempts to log in for the first time, what happens?
You will have to enable LDAPSYNC to sync the AD users to Maximo. If a person doesn’t exist then you will get an error stating so and won’t be able to login
Chon, if I use LDAPSYNC to update and add users, does setting mxe.LDAPUserMgmt=0 deactivate the LDAPSYNC management?
The CRON will still run. Disabling it just allows you to manually add users as well as sync users.