Troubleshooting why unauthorized users showing up in the DevTest Usage Audit Report when LDAP being used

Document ID : KB000010806
Last Modified Date : 14/02/2018
Show Technical Document Details
Introduction:

We have users that have either left our company or moved to other projects not using DevTest, but still showing on the Usage Audit Report.

Background:

Using LDAP authentication with the authentication-providers.xml file.

Environment:
All supported DevTest release and platforms.
Instructions:

In the authentication-providers.xml file, if autoAddUsers="true", when LDAP users login to the Portal, their user will get added to the ACL tables.  You can view the users from the Portal.  Provided you have the permissions to view users, click Settings, Access Control, Users.  Even if you delete the user, if a user is showing up on the Usage Audit Report, then someone is using that deleted user to access DevTest and it will get added back to the ACL tables again.  

You will need to have the unauthorized user deleted from the LDAP server.

We also provide authentication to login with the built-in users we deliver with DevTest: 

admin, caipower, svpower, tpower, devtest, sysadmin and guest

If you do not want the built-in users to be used and only LDAP users to login to DevTest, then remove, or comment out,  this provider from the authentication-providers.xml file:

<authentication-provider 

name="ITKO Authentication Module" 

type="Legacy" 

enabled="true" 

defaultRole="Guest"/> 

 

 

Additional Information:

If still having a problem with users accessing DevTest, then please open a CA Support case.