Identifying the operator for Kerberos authentication services
Specify the operator mapping so that a Kerberos authentication service can find the requestor record in your repository and bring values back to Pega Platform.
- Open the Kerberos authentication service and navigate to the Kerberos tab.
- If you are using LDAP, in the User principal name attribute field, enter the LDAP attribute name that is used for the User Principal Name on the LDAP server.
-
On the
Mapping
tab, map the naming attributes in the
directory sever that correspond to the Operator ID properties.
- Click the Add item icon, and add four attribute mapping rows.
- In the Property Name field, enter one of the following properties: .pyUserName, .pyOrganization, .pyOrgDivision, and .pyOrgUnit.
- In the Attribute Name field, enter the LDAP attribute that relates to the entered operator property.
-
On the
Custom
tab, in the
Source of operator
credentials
list, select where the operator credentials are
stored.
- Use credentials stored in PegaRULES – Only the users whose operator ID records do not have Use external authentication selected are allowed access through this service.
- Use externally stored credentials – Only the users whose operator ID records have Use external authentication selected are allowed access through this service.
- Click Save.