When a new LDAP user logs in for the first time and is assigned the default access type. If you then look at this user's contact details nothing is placed in the access type field. How do we correct this and why does this happen?

Document ID : KB000052442
Last Modified Date : 14/02/2018
Show Technical Document Details

Description:

If Service Desk is configured with LDAP options when a new user logs in for the first time the newly created contact record will get an access type is blank.

Solution:

When a user logs in for the first time, a new contact record get created in Service Desk, and they have default access type get attached to it. However they won't be listed under the access type of that contact, which is working by design.

When a new contact is created in Service Desk it fetches all the details from LDAP like First_name, Last_name, Email id, System_Login ID. We have no LDAP attribute which defines the Access Type, hence it is left blank. As the Access Type is Blank the default access type gets attached to it.

Under the Service Desk Administration Tab -> Security -> access type -> to determine what the default access type is.

You can set this to an alternative access type when a new contact record gets created. The out-of-the-box default is set to the Administrator access type.

  1. Login to Service Desk ad Administrator.

  2. Go to Options Manager -> LDAP.

    1. On the right hand pane view the options listed for the LDAP settings.

  3. 'ldap_enable_auto' must be installed.

  4. 'ldap_enable_groups' option should be set to 'Yes'.

  5. Then Administration -> security -> access type -> web authentication.

  6. Select appropriate LDAP server group from the 'LDAP Access Group' dropdown.

While importing contact from LDAP its group will be associated with this 'Access Type' and will be set to this on the 'Service Desk' side.