Former Member

LDAP Configuration Issue

Hi friends,

I am facing some typical problem with the LDAP Configuration. Please go through the below details and help me on this.

I did the LDAP Configuration in Portal under UME Configuration by uploading the configuration file and also provided the connection details like, Server Host, Port, User, Password, User Path, Group Path, SSL and all. Even the connection test is also Successful.

I have restarted the Portal server once the connection test is successful.

After the restart, I see the LDAP name added in the dropdown values in the User Management datasources.

I searched for the USERS and it returned me the list of Users available in the LDAP based on the search criteria.

Even if I select any User, then I am able to see the User details also, like First name, Last name, email address, etc...

Now, I searched for the GROUPS in the LDAP. It returned me the list of Groups available in the LDAP based on the search criteria.

The problem here is, as per the confirmation from LDAP Team, the User say, "T111111" is assigned to a Group, say "XYZ".

But when I checked the Group "XYZ", there are No Users assigned for that Group.

I also searched for the User, "T111111" and then checked the Assigned Groups Tab, then I found only "Everyone" and "Authenticated Users" Groups only are there, not the Group "XYZ".

Give me some inputs to resolve the issue of this Group-User mapping.

Is there any problem you see from Portal side or do you expect the issue is from LDAP team side?

Kindly help me to resolve this issue.

Thanks & Regards,

Ashok Kumar M.


2 Answers

  • Posted on Dec 02, 2010 at 10:12 AM

    Hi,

    User-group assignment is always done twice. This means a user must be assigned to a group and a group on the other side must also have the user assigned to it. Maybe in your case the reference is only done from one side and not the other way around in addition. You may check that within your LDAP.

    Regards

    Anja


  • Posted on Dec 20, 2010 at 04:20 AM

    Good day.

    Confirm the following please:

    1.) The user defined for the LDAP bind has permissions to the group.

    2.) The LDAP users/group is in the same domain structure as the bind and not referenced (by alias or other). If not, you will need to create additional LDAP binds for additional users/groups domains in EP.

    3.) You do not have negative filter conditions (download the datasources file and inspect the xml using Notepad - search for negative filter) in your datasources file that ignores the relevant users/groups OR the users/group is not part of the ignored users/groups in the UME config.

    4.) As suggested by Anja check your LDIF for your groups and enter the group bind correctly (use LDAP browser to test this).

    5.) The LDAP Structure is correctly defined for the datasources file FLAT/DEEP. Believe it or not I have seen some strange things before.

    6.) Check the logs - often issues are captured if there are synch issues etc.

    Hope this helps
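
An added example, not part of the original thread or of any SAP tooling: both answers suggest checking in the LDAP data whether the user-group reference exists on both sides, and this script does that over an LDIF export. The attribute names `member` and `memberOf`, the sample entries and the function names are assumptions; use the attributes your directory and datasource file actually rely on.

```python
# Added example: cross-check both directions of a user/group link in an LDIF export.
# Assumption: group entries list users in "member" and user entries list groups
# in "memberOf"; substitute the attribute names your directory uses.
from collections import defaultdict

# Constructed sample data (not from the original thread).
SAMPLE_LDIF = """\
dn: cn=T111111,ou=Users,dc=example,dc=com
objectClass: person
memberOf: cn=XYZ,ou=Groups,dc=example,dc=com

dn: cn=T222222,ou=Users,dc=example,dc=com
objectClass: person
memberOf: cn=XYZ,ou=Groups,dc=example,dc=com

dn: cn=XYZ,ou=Groups,dc=example,dc=com
objectClass: groupOfNames
member: cn=T222222,ou=Users,dc=example,dc=com
member: cn=T333333,ou=Users,dc=example,dc=com
"""

def parse_ldif(text):
    """Return {dn: {attr: [values]}} with DNs and attribute names lowercased."""
    entries = {}
    for block in text.strip().split("\n\n"):
        attrs = defaultdict(list)
        for line in block.splitlines():
            if line.startswith("#") or ": " not in line:
                continue  # skip comments; base64 ("::") and folded lines are not decoded
            key, value = line.split(": ", 1)
            attrs[key.lower()].append(value.strip())
        if attrs.get("dn"):
            entries[attrs["dn"][0].lower()] = attrs
    return entries

def one_sided_links(entries):
    """Find (user, group) pairs that are referenced from only one side."""
    user_side = {(u, g.lower()) for u, a in entries.items() for g in a.get("memberof", [])}
    group_side = {(m.lower(), g) for g, a in entries.items() for m in a.get("member", [])}
    return {
        "missing_on_group": sorted(user_side - group_side),
        "missing_on_user": sorted(group_side - user_side),
    }

if __name__ == "__main__":
    for side, pairs in one_sided_links(parse_ldif(SAMPLE_LDIF)).items():
        for user, group in pairs:
            print(f"{side}: user={user} group={group}")
```

A pair under `missing_on_group` is a user that claims a group the group entry does not list, which matches the symptom in the question when the portal resolves membership from the group side.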
