> Essential > CommCell Configuration > Security > User Administration and Security > Managing Domain Controllers > Configurations for Domain Controllers in Multi-Tenant Environments

Adding Two Subsets from the Same Organization as Domain Controller Entities for Different Companies

You can add separate subsets within the same organization in an LDAP domain controller as domain controller entities associated with different companies for multi-tenant environments in the Command Center.

Before You Begin

  • You must have configured your environment as a multi-tenant environment. For more information, see Multi-Tenant Environment.

Procedure

The following procedure assumes that you have two companies (CompanyA and Company B) in your environment, and you want to create a domain controller entity for each company based on different groups units (Finance and Marketing) from the same organization (BusinessOrg) within a domain controller (Example.com).

  1. Create a domain controller for CompanyA using the Finance group in the organization BusinessOrg in the domain Example.com:

    1. Follow the procedure for adding a subset of domain objects as a domain controller.

    2. Click the Create for company list, and then select CompanyA.

    3. In the Attribute map section, do as follows:

      1. Replace the User group filter value with the LDAP query for the Finance group, (&(objectClass=group)(|(cn=BusinessOrg)(CN=Finance))).

      2. Replace the User filter value with the LDAP query for users that are members of the Finance group, (&(&(objectCategory=User)(sAMAccountName=*)(memberOf= Finance))).

      3. Replace the base DN value with the distinguishedName attribute for the domain, DC=Example,DC=com.

    4. Click Save.

  2. Create a domain controller for CompanyB using the Marketing group in the organization BusinessOrg in the domain Example.com:

    1. Follow the procedure for adding a subset of domain objects as a domain controller.

    2. Click the Create for company list, and then select CompanyB.

    3. In the Attribute map section, do as follows:

      1. Replace the User group filter value with the LDAP query for the Marketing group, (&(objectClass=group)(|(cn=BusinessOrg)(CN=Marketing))).

      2. Replace the User filter value with the LDAP query for users that are members of the Marketing group, (&(&(objectCategory=User)(sAMAccountName=*)(memberOf= Marketing))).

      3. Replace the base DN value with the distinguishedName attribute for the domain, DC=Example,DC=com.

    4. Click Save.

    The two domain controllers (both named Example and associated with CompanyA and CompanyB, respectively) appear in the Identity servers list.

Loading...