Troubleshooting LDAP/S Configuration in DevTest

Document ID : KB000095610
Last Modified Date : 11/05/2018
Show Technical Document Details
Introduction:
You can configure access control (ACL) so that user authentication is based on the information in an LDAP server, multiple LDAP servers, the database, or LDAP servers and the database. The ACL administrator should consult with your LDAP administrator for configuration and implementation that is based on the following properties.

 Edit the authentication-providers.xml file in the home directory,

Note: The authentication-providers.xml file must exist in the Registry's home directory. 

<authentication-provider
        name="Corp. Active Directory Server"
        autoAddUsers="false"
        authenticateOnly="false"
        enabled="true"
        type="ActiveDirectory"
        defaultRole="SV Power"
        rejectUnmappedUsers="true">
        <url>ldaps://server.example.com:3269</url>
        <user-dn>cn=readOnlyUser,ou=users,dc=example,dc=com</user-dn>
        <user-password>drowssap</user-password>
        <user-dn-pattern>cn={0},ou=users,dc=example,dc=com</user-dn-pattern>
        <user-search-base>dc=example,dc=com</user-search-base>
        <user-search-filter>(&amp;(objectClass=user)(sAMAccountName={0}))</user-search-filter>
        <group-search-base>ou=groups</group-search-base>
        <group-search-filter>(member={0})</group-search-filter>
    </authentication-provider>

Users must be a member of at least one LDAP group.

Use the ldap-mappings.xml file in the DevTest home directory to assign roles to groups of LDAP users. If no mapping file is provided,  it will pick the default role specified in the authentication-providers.xml file. 
Environment:
All Supported DevTest Environment 
Instructions:
If LDAP successfully authenticates  the user can be automatically added to the database. If you are not successful  please look at the DevTest workstation.logs if authenticating from Workstation  and also refer to the  acl.log , registry.log and portal.log on the server.  
  • Work with your LDAP Admin for all LDAP related errors first.   
  • You can also use any third party tool like  JXplorer.exe or LDP.exe  to verify these credentials as well.  
  • If you still think this is a DevTest issue, open a support case. 
Additional Information:
Refer to these sections in the documentation of the DevTest release being used. 
 

Configure Authentication Providers for ACL

Authorize Users Authenticated by LDAP

ACL Configuration Scenarios