cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

LDAP Configuration Issue

Former Member

on ‎12-02-2010 8:49 AM

0 Kudos

Hi frnds,

I am facing some typical problem with the LDAP Configuration. Please go through the below details and help me on this.

I did the LDAP Configuration in Portal under UME Configuration by uploading the configuration file and also provided the connection details like, Server Host, Port, User,Password, user Path, Group Path, SSL and all. Even the connection test is also Successful.

I have restarted the Portal server once the connection test is successful.

After the restart, I see the LDAP name added in the dropdown values in the User Management datasources.

I searched for the USERS and it returned me the list of Users available in the LDAP based on the serach criteria.

Even if I select any User, then I am able to see the User details also, like First name, Last name, email address, etc...

Now, I searched for the GROUPS in the LDAP. It reurned me the list of Groups available in the LDAP based on the search criteria.

The problem here is, as per the confirmation from LDAP Team, the User say, "T111111" is assigned to a Group, say "XYZ".

But when I checked the Group "XYZ", there are No Users assigned for that Group.

I also searched for the User, "T111111" and then checked the Assigned Groups Tab, then I found only "Everyone" and "Authenticated Users" Groups only are there, not the Group "XYZ".

Give me some inputs to resolve the issue of this Group-User mapping.

Is there any problem you see from Portal side or do you expect the issue is from LDAP team side?

Kindly help me to resolve this issue.

Thanks & Regards,

Ashok Kumar M.

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

former_member71614
Active Participant
‎12-20-2010 4:20 AM
0 Kudos

Good day.

Confirm the following please:

1.) The user defined for the LDAP bind has permissions to the group.

2.) The LDAP users/group is in the same domain structure as the bind and not referenced (by alias or other). If not, you will need to create additinal LDAP binds for additional users/groups domains in EP.

3.) You do not have negative filter conditions (download the datasources file and inspect the xml using notpad - search for negative filter) in your datasources file that ignores the relevant users/groups OR the users/group is not part of the ignored users/groups in the UME config.

4.) As suggested by Anja check your LDIF for your groups and enter the group bind correctly (use LDAP browser to test this).

5.) The LDAP Structure is correctly defiend for the datasources file FLAT/DEEP. Believe it or not I have seen some strange things before.

6.) Check the logs - often issues are captured if there is synch issues etc.

Hope this helps

Show replies
Show replies
anja_engelhardt2
Active Contributor
‎12-02-2010 10:12 AM
0 Kudos

Hi,

user-group-assignement is always done twice. This means a user must be assigned to a group and a group on the other side must also have the user assigned to it. Maybe in your case the reference is only done from one side and not the other way around in addition. You may check that within your LDAP.

Regards

Anja

Show replies
Show replies
Former Member
‎12-08-2010 11:42 PM
0 Kudos

Hi,

We have checked with the LDAP Team and they confirmed me that the assignment is done both ways. But still we are not able to see the LDAP Users under the LDAP Groups.

Please advise me how I can proceed further?

Thanks & Regards,

Ashok Kumar M

anja_engelhardt2
Active Contributor
‎12-10-2010 8:56 AM
0 Kudos

Did you check without portal involvement if LDAP would be able to provide the users that belong to a group? If yes you should check your UME configuration (expecially the paths) to your LDAP. If not it must be a LDAP issue.

Regards

Anja

Ask a Question