Add an Identity Source
To use an existing LDAP directory with RSA Authentication Manager, use the Operations Console to add the directory as a new identity source.
A deployment can have up to thirty identity sources. If you are using Active Directory, Global Catalogs configured as identity sources do not count against this limit.
Before you begin
You must be a Super Admin.
This procedure requires you to make informed decisions about the information that you enter. For more information about the identity source properties, see Identity Source Properties.
For full functionality, establish an SSL connection between AM and the identity source. For more information, see Identity Source SSL Certificates.
Before adding an OpenLDAP directory or PingDirectory identity source, review the required settings. For more information, see OpenLDAP and PingDirectory Attribute Requirements.
Note: Depending on the network or firewall configuration, you might not be able to validate the connection information from the primary server.
Procedure
Log on to the Operations Console on the primary instance.
Click Deployment Configuration > Identity Sources > Add New.
When prompted, enter your Super Admin User ID and password.
In the Identity Source Basics section, specify:
Identity Source Name. The name of the identity source that is displayed in the Security Console.
Type. The type of the identity source that you are adding.
Notes. Information about the identity source.
In the Directory Connection - Primary section, do the following:
Enter the requested information in the following fields. For detailed information, see Identity Source Properties.
Directory URL
Directory Failover URL
Directory User ID
Directory Password
Click Test Connection to ensure that the primary instance can connect to the specified directory. If the test fails, make sure that you have correctly imported the certificate for this identity source.
If you have a replica instance, complete the fields in the Directory Connection - Replica section, and click Validate Connection Information to verify that the primary instance can connect to the identity source. If the attempt fails, do the following:
Verify that you entered the correct settings.
If the settings are correct, make sure the primary instance is able to connect to the identity source.
If the primary instance is able to connect to the identity source, make sure no other network issues are causing the connection failure.
After you make any necessary changes, click Validate Connection Information again.
Click Next.
Provide the requested information for each of the following sections on the Add Identity Source - Map page. For detailed information, see Identity Source Properties.
Directory Settings
(Optional) Active Directory Options
Directory Configuration - User Tracking Attributes
Directory Configuration - Users
Directory Configuration - Users Groups
Click Save.
After you finish
Use the Security Console to link the new identity source to the system.
If you are logged on to the Security Console, you must log off and log back on to view the new identity source.
Related Articles
How to add a static route in RSA Authentication Manager 8.x Number of Views Change requests get randomly cancelled and add unrelated activities or continue to provision in RSA Identity Governance & … Number of Views Add a Report Number of Views Add an Authentication Agent Number of Views Identity Source Properties Number of Views
Trending Articles
RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA Authentication Manager 8.9 Release Notes (January 2026) How to install the jTDS JDBC driver on WildFly for use with Data Collections in RSA Identity Governance & Lifecycle RSA Authentication Manager 8.8 Setup and Configuration Guide Artifacts to gather in RSA Identity Governance & Lifecycle
