uCMDB LDAP configuration

Dear All,

I have configured LDAP on uCMDB 10.22, below are the settings, still it reverts the LDAP is not configured correctly, Please suggest.


Setting Value

LDAP connection string ldap://***.***.com:***/OU=***,DC=***,DC=***,DC=com??sub

Distinguished Name (DN) Resolution true

Root Group DC=***,DC=***,DC=com

Search Retries Count 5

Group Base DC=***,DC=***,DC=com

LDAP Search User CN=Usuario ****,OU=***,OU=***,OU=***,DC=***,DC=***,DC=com

Groups name attribute cn

Is case-sensitivity enforced in LDAP authentication True

Root Group Filter (|(objectclass=group)(objectclass=groupOfNames)(objectclass=groupOfUrls)(objectclass=accessGroup)(objectclass=accessRole))

Default Group

Users object class user

Group Base Filter (|(objectclass=group)(objectclass=groupOfNames)(objectclass=groupOfUrls)(objectclass=accessGroup)(objectclass=accessRole))

Use bottom up algorithm for find parent groups false

Root groups scope sub

Groups member attribute member

Group class object group

Users filter (&(sAMAccountName=*)(objectclass=user))

Enable LDAP authentication false

Scope for groups search sub

Groups display name attribute cn

UUID attribute sAMAccountName

Enable LDAP synchronization true

User display name attribute cn

Groups description attribute description

  • Hi There,

    It is very hard to say all settings are correct [they looks like correct], but i do recommend to test on jmx console for connection testing and use ldap browser see all settings are correct.

    you can do also test user to see if returns true.

    Do you see any specific error on the logs?


    UCMDB team


  • Hii  Ticketcrusher,


    below are the results I have received from jmx console, please suggest,

    Mbean: UCMDB:service=LDAP Services. Method: testLDAPConnection
    LDAP connection test has failed. Cannot retrieve LDAP Root Groups. See bellow more details about the cause.



    Mbean: UCMDB:service=LDAP Services. Method: verifyLDAPCredentials
    User usptaddo successfully passes LDAP authentication. Authenticated successfully
    Ldap groups for username usptaddo cannot be retrieved
    Verify LDAP credentials and retrieving users groups took: 1.4 seconds.


  • Hi There,

    looks like issue on root group mapping. can you be sure ldap search user able to search under those root group setting and make sure filter set properly.



Reply Children