Highlighted
Honored Contributor.. Honored Contributor..
Honored Contributor..
1595 views

Problem with LDAP integration with UCMDB 10.01

Jump to solution

I have been trying to set up the AD integration of UCMDB. No luck though. Here are my "sanitized" settings. We are using LDAP over ssl. When running the mbean testLDAPConnection I don't see any errors, but I also don't see any results.

 

Setting Value
Users object class user
Is case-sensitivity enforced in LDAP authentication false
Groups member attribute member
Distinguished Name (DN) Resolution true
Root Group Filter (&(objectClass=*)(name=*)
LDAP connection string ldaps://MYLDAPSERVER:3269/DC=ad,DC=xxx,DC=xxx,DC=xxx??sub
LDAP Search User cn=srv.opsware.ad,OU=xxx,OU=xxx,dc=xxxx,DC=ad,DC=xxx,DC=xxx,DC=xxx
Group class object group
Use bottom up algorithm for find parent groups false
UUID attribute sAMAccountName
Groups name attribute cn
Group Base Filter (&(objectClass=*)(name=*))
Users filter (&(sAMAccountName=*)(objectclass=user)(memberof=CN=ALL_UCMDB_USERS,OU=UCMDB,OU=xxx,OU=xxx,DC=xxxx,DC=ad,DC=xxx,DC=xxx,DC=xxx))
Search Retries Count 5
Groups display name attribute cn
Root groups scope base
User display name attribute sAMAccountName
Scope for groups search base
Enable LDAP authentication true
Enable LDAP synchronization true
Root Group OU=xxx,OU=xxx,DC=xxxx,DC=ad,DC=xxx,DC=xxx,DC=xxx
Group Base OU=xxx,OU=xxx,DC=xxxx,DC=ad,DC=xxx,DC=xxx,DC=xxx
Default Group
Groups description attribute cn

 

Tags (1)
0 Likes
1 Solution

Accepted Solutions
Highlighted
Honored Contributor.. Honored Contributor..
Honored Contributor..

Re: Problem with LDAP integration with UCMDB 10.01

Jump to solution

We were able to fix our issue. 

Seems that UCMDB does not like spaces in the Group Base OU definitions. Had to replace the spaces with \20

 

HP will be opening a KM article for it.

 

 

View solution in original post

0 Likes
3 Replies
Highlighted
Acclaimed Contributor.. Acclaimed Contributor..
Acclaimed Contributor..

Re: Problem with LDAP integration with UCMDB 10.01

Jump to solution

Case need investigation of logs. Please create the case with support.

Regards
-Dmitry Gomel, PMP
Click the Like button at the bottom to say 'Thanks'.
0 Likes
Highlighted
Honored Contributor.. Honored Contributor..
Honored Contributor..

Re: Problem with LDAP integration with UCMDB 10.01

Jump to solution

I already have a case open with support. No luck there so far.

 

Was just wondering if anyone else has seen problems with LDAP or has a fresh perspective.

 

I ran some tests through the JMX console, and I am successfully able to find users and groups using the following methods.

 

isLdapGroupExists

isLdapUserExists

 

It returns true for any groups matching the filter and scope. Same for users.

 

If I put in a group name not within the base DN or matching filter, I get false return.

 

 

0 Likes
Highlighted
Honored Contributor.. Honored Contributor..
Honored Contributor..

Re: Problem with LDAP integration with UCMDB 10.01

Jump to solution

We were able to fix our issue. 

Seems that UCMDB does not like spaces in the Group Base OU definitions. Had to replace the spaces with \20

 

HP will be opening a KM article for it.

 

 

View solution in original post

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.