Create a SSOP_BIND privileged identity for each login scheme on the THICKCLIENT service

  1. From the main ssoconfig menu, select Manage privileged access to services.
  2. From the sub-menu that appears, choose Add new Identity.
  3. For Lawson Service Name. Lawson Service Name (<empty>), type: SSOP_BIND
  4. Enter key with which you want to associate this identity (DEFAULT): Type the appropriate login scheme, for example, LOGINSCHEMENAME_LDAP2

    The identity key should match the LOGINSCHEMENAME of the login scheme.

    Since the DEFAULT privilege identity was already created when the ldapBind utility was run, it is not necessary to create the DEFAULT privilege identity. Instead you can go on creating privilege identities for the other LoginSchemes.

  5. For the identity property DN, enter the DN of the ldap search user.

    Make sure that DN corresponds to the ldap search user of the ldap server used for this login scheme.

    Value of identity property DN: (<empty>):cn=root,ou=users,o=test3

  6. Enter the password of the ldap search user Value of property PASSWORD: (<empty>): Enter the password if there is one.

    The message "The identity is created" appears when the process completes.

  7. Repeat steps 2 - 6 until you have created privileged identities for SSOP_BIND for each LoginScheme you specified in the THICKCLIENT service.

    You can use JXplorer to verify that the services have multiple login schemes.

    JXplorer showing privileged identities