Manualshelf

Installation Guide

ManualsBrandsCisco ManualsCloud and Systems ManagementCisco Intelligent Automation for Cloud 4.1
41424344454647484950
5-6
Cisco Intelligent Automation for Cloud Installation Guide
OL-29971-02
Chapter 5 Optional Tasks
Adding the nsAPI User to the Cloud Administration Group
For instructions on creating security groups on your directory server, see the documentation that came
with your directory server software.
Note Cisco Intelligent Automation for Cloud 4.1.1 supports an individual’s membership to just a single
organizational unit or membership, not multiple organizations.
Adding the nsAPI User to the Cloud Administration Group
The nsAPI user account that you created on the LDAP server is used to connect Prime Service Catalog
to Process Orchestrator. For the nsAPI user account to function properly, you must add it to the Cloud
Provider Technical Administrator user group that you created in the directory. For instructions on adding
a user to a user role group on your directory server, see the documentation that came with your directory
server software.
Configuring User Role Mappings
To map the user roles, you specify the location in the directory that contains the six security groups you
created for each role.
Step 1 In Service Catalog, choose Administration from the module drop-down list, then click Directories.
Step 2 On the Directory Integration page, click Mappings in the menu on the right.
Step 3 In the Mappings pane, click Edit beside the mapping name you created when you configured mappings
(see Configuring Mappings, page 5-3).
Step 4 Expand Optional Person Data Mappings at the bottom of the page.
Step 5 In the Role List field at the bottom of the optional mappings list, enter mapping attributes for role list
that assigns the user to one of the six Prime Service Catalog user groups that you created in the directory.
using the convention used for the example scenario (variables for the example appear in boldface):
expr:#memberOf#=( CN=(.*),OU= Groups,OU= Austin,OU=Texas ,OU=USA,DC =no
texist,DC=local )?($1):
Step 6 Test the mappings using the Data Test Mapping feature.
Note For instructions on enabling and using the Data Test Mapping feature, see “Testing Mappings” in
Chapter 1, “Directory Integration and API,” in the Cisco Prime Service Catalog 10.1 Integration Guide.
The latest version of the technical reference guides can be found here:
http://www.cisco.com/c/en/us/support/cloud-systems-management/prime-service-catalog/products-tec
hnical-reference-list.html