Verified Answers

If an answer to your question is correct, click on "Verify Answer" under the "More" button. The answer will now appear with a checkmark. Please be sure to always mark answers that resolve your issue as verified. Your fellow Community members will appreciate it!  Learn more

  • State Not Answered
  • Replies replies
    16
  • Subscribers subscribers
    178
  • Views views
    946
  • Users 0 members are here
  • Locked Locked
Related
Options
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to configure LDAP Integration for uCMDB 10.00

MigrationDeletedUser

Hi,

 

Please help me on tis ..........

 

 

thanks n advance......

Tags:

Parents
  • 0

    Hi,

     

    I have it working nicely here so what's your issue? Did you look at the examles in the help?

     

    gr,

    Ronald

  • 0 in reply to MigrationDeletedUser

    To check the examples please go to Help ->UCMDB Help from main menu. Choose search and look for "Configure LDAP for Active Directory" or "LDAP Mapping". Let us know what went wrong in your case.

  • 0 in reply to Dima Gomel
    Good day all.

    I have the same problem setting up the LDAP integration on uCMDB 10.

    I have gone through all the help files on uCMDB itself but didn't find anything of extra use in resolving my issue.

    The issue I have is that it seems that uCMDB can log in to the LDAP & get all the user info in the logs, but can't pull the info through to the uCMDB gui, in order for me to do the group mappings.

    The error I get in the logs are :

    "returned as a result of a groups search, is not of type ldapGroup or dynamic ldapGroup"

    The groups search filter and root groups filter is as follows :

    (|(objectclass=top)(objectclass=domain)(objectclass=organizationalUnit)(objectclass=person)(objectclass=user)(objectclass=organizationalPerson)(objectclass=groupOfURLs)(objectclass=memberURL))

    I can unfortunately not display the OU, CN & DN details of the company, but the Group Base DN is :

    DC=(country),DC=(domain),DC=(local),DC=com

    Root Groups Base DN is:

    OU=(group),OU=(company),DC=(country),DC=(domain),DC=(local),DC=com

    An interesting thing I noticed is that the group we use doesn't have a group objectclass attribute.

    Will this be the issue?

    Any help would be appreciated.

    Thank you,
    Wynand De Beer.
  • 0 in reply to WDBSort1

    Hi,

    There are several types of groups in LDAP. Only ldapGroup or dynamic ldapGroup are supported. Please contact your LDAP administrator to clarify this.

     

  • 0 in reply to Dima Gomel

    Hi Dima.

     

    I have confirmed with the LDAP administrator that the environment does have ldapgroups & dynamic ldapgroups. He has given me one of those groups to test again.

     

    But I get the same problem, I can "see" the Group, but the users of that group doesn't display, only a blank page is returned.

     

    Here's an excerpt from the log:

     

    2013-04-16 07:12:42,834 [qtp1200648207-3386] - <<< Entering findUsersInGroup with the following parameters: groupName = {Test group name}, userAttributeNames = [Ljava.lang.String;@d34408f, filternull
    2013-04-16 07:12:42,834 [qtp1200648207-3386] - <<< Entering findUsersAndGroups with the following parameters: groupName = {Test group name}, userAttributeNames = [Ljava.lang.String;@d34408f, depth = 1, filternull
    2013-04-16 07:12:42,834 [qtp1200648207-3386] - <<< Entering createConnectionAndConnect with the following parameters: com.hp.sw.bto.ast.security.uum.UserManagementLDAPConfiguration@617a730e
    2013-04-16 07:12:42,841 [qtp1200648207-3386] - >>> Exiting createConnectionAndConnect with the connection
    2013-04-16 07:12:42,841 [qtp1200648207-3386] - Calling LDAP search with the following parameters: base = DC=country,DC=area,DC=domain,DC=com, scope2, filter = (&(&(objectClass=*)(name=*))(&(objectClass = group)(name = {Correct Group name was returned}))), searchAttributes = [name, memberOf, name, description, objectclass], attrsOnly = false
    2013-04-16 07:12:42,842 [qtp1200648207-3386] - Received the LDAP result set of the size = 1
    2013-04-16 07:12:42,842 [qtp1200648207-3386] - LDAP entry from result set (will be ignored if not of group type): LDAPEntry: CN=group name,OU=Distribution Groups,OU=Groups,OU=company,DC=country,DC=area,DC=domain,DC=com; LDAPAttributeSet: LDAPAttribute {type='objectClass', values='top,group'} LDAPAttribute {type='name', values='Correct group name'}

     

    What could be the problem?

     

    Thank you.

     

    Kind regards,

     

    Wynand.

Reply
  • 0 in reply to Dima Gomel

    Hi Dima.

     

    I have confirmed with the LDAP administrator that the environment does have ldapgroups & dynamic ldapgroups. He has given me one of those groups to test again.

     

    But I get the same problem, I can "see" the Group, but the users of that group doesn't display, only a blank page is returned.

     

    Here's an excerpt from the log:

     

    2013-04-16 07:12:42,834 [qtp1200648207-3386] - <<< Entering findUsersInGroup with the following parameters: groupName = {Test group name}, userAttributeNames = [Ljava.lang.String;@d34408f, filternull
    2013-04-16 07:12:42,834 [qtp1200648207-3386] - <<< Entering findUsersAndGroups with the following parameters: groupName = {Test group name}, userAttributeNames = [Ljava.lang.String;@d34408f, depth = 1, filternull
    2013-04-16 07:12:42,834 [qtp1200648207-3386] - <<< Entering createConnectionAndConnect with the following parameters: com.hp.sw.bto.ast.security.uum.UserManagementLDAPConfiguration@617a730e
    2013-04-16 07:12:42,841 [qtp1200648207-3386] - >>> Exiting createConnectionAndConnect with the connection
    2013-04-16 07:12:42,841 [qtp1200648207-3386] - Calling LDAP search with the following parameters: base = DC=country,DC=area,DC=domain,DC=com, scope2, filter = (&(&(objectClass=*)(name=*))(&(objectClass = group)(name = {Correct Group name was returned}))), searchAttributes = [name, memberOf, name, description, objectclass], attrsOnly = false
    2013-04-16 07:12:42,842 [qtp1200648207-3386] - Received the LDAP result set of the size = 1
    2013-04-16 07:12:42,842 [qtp1200648207-3386] - LDAP entry from result set (will be ignored if not of group type): LDAPEntry: CN=group name,OU=Distribution Groups,OU=Groups,OU=company,DC=country,DC=area,DC=domain,DC=com; LDAPAttributeSet: LDAPAttribute {type='objectClass', values='top,group'} LDAPAttribute {type='name', values='Correct group name'}

     

    What could be the problem?

     

    Thank you.

     

    Kind regards,

     

    Wynand.

Children

Resources

Support
Documentation
Learning Services
Partner Programs
Privacy
Compliance
Help
Company
Privacy Policy
Terms of Use
Accessibility
Anti-Slavery Statement
Support
Contact Us
Careers
Code of Business Conduct and Ethics
The opinions expressed above are the personal opinions of the authors, not of OpenText. By using this site, you accept the Terms of Use. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.), Hewlett Packard Enterprise Company, or Micro Focus. As of January 31, 2023, the Material is now offered by OpenText, a separately owned and operated company. Any reference to the HP, Hewlett Packard Enterprise/HPE, and Micro Focus marks is historical in nature and the HP, Hewlett Packard Enterprise/HPE, and Micro Focus marks are the property of their respective owners.