Menu

#923 AD LDAP wizard creates AD entry with blank short name plus plain LDAP entry with ldap short name

Configuration_DB
closed
nobody
ldap wizard ad (1)
5
2016-06-29
2013-07-30
JimS
No

PO 4.0.5.0.0 on Centos 6.4 64-bit. New install. Configured LDAP auth against Active Directory.

Seems to kinda work, but instead of the users that were discovered and added at the end of the wizard showing as part of the newly-created "LDAP <ad domain="" dn=""> (Active Directory)" authority, they default to an authority short-name of "ldap" which is associated to a second LDAP authority which is just called "LDAP." The "LDAP <ad domain="" dn=""> (Active Directory)" authority does not have anything in the authority short-name field.</ad></ad>

When you go to one of the users' "community page" (intranet/users/view?user_id=<userid#>) it shows nothing next to "Authority" in the "User Basic Information" box. </userid#>

If you click "edit" in the user basic information (intranet/users/new) the assigned authority is "ldap" and the choices in the drop-down are "ldap", "local" and blank. If you then change the assigned authority to the blank entry and save (making sure a valid profile group is selected) then the "LDAP <ad domain="" dn=""> (Active Directory)" authority shows up in the User Basic Information box. </ad>

When first looking at the user, before going to the "community page" link, the Basic Information section displays the error:
"Error in include template "/web/projop/packages/acs-subsite/lib/usr-info": Query did not return any rows." which I assume to be because it's not searching the proper LDAP authority. I don't know if that's the case or not, just giving a bit more info.

Discussion

  • JimS

    JimS - 2013-07-30

    I manually tweaked the database:
    1) changed short-name of the oddball ldap auth
    2) Changed short-name of the AD ldap auth to "ldap"
    3) Changed the auth ID in all the users to the AD LDAP auth ID

    The "error in include template" went away. The AD authority shows in the user profiles.

    Anything else I need to tweak to clean it up?

     

    Last edit: JimS 2013-07-30

  • jpgo_chile

    jpgo_chile - 2014-03-20

    Glup!!!! BAD BAD SUPPORT!!! My deception: Project-open.

     

  • Frank Bergmann

    Frank Bergmann - 2016-06-29
    • Description has changed:

    Diff:

    --- old
+++ new
@@ -1,4 +1,3 @@
-
 PO 4.0.5.0.0 on Centos 6.4 64-bit.  New install.  Configured LDAP auth against Active Directory. 

 Seems to kinda work, but instead of the users that were discovered and added at the end of the wizard showing as part of the newly-created "LDAP <ad domain dn> (Active Directory)" authority, they default to an authority short-name of "ldap" which is associated to a second LDAP authority which is just called "LDAP."   The "LDAP <ad domain dn> (Active Directory)" authority does not have anything in the authority short-name field.
    • status: open --> closed
     

  • Frank Bergmann

    Frank Bergmann - 2016-06-29

    Hi,

    Official support is on the "Open Discussions" forum, as published. So this is the first time in years we look into this...

    Concerning AD: This should be fixed in V5.0. Big parts have been rewritten...

    Frank

     

Anonymous
Anonymous

Add attachments
Cancel





MongoDB Logo MongoDB