filr 4.2 with DSFW, group member ship will not work

Idea ID 2799901

filr 4.2 with DSFW, group member ship will not work

0 Votes

Filr 4.2 not support DSFW !.

But in case custom have netapp cifs storage against dsfw, we nead connect filr to dsfw.

Im my case the group member ship will not sync.

What Robin Redgrave and i found as possible issue:

Test group test202005

 

IMAGE_1.png

Filr will connect the dsfw server on port 636 and see following

IMAGE_2.png

Problem from DSFW is, the member are in eDir notification in ldap !

From AD view it shut be cn=kronawitter,ou=other,dc=loc,dc=ipfdd,dc=de

 

Ldap server ldap config

ldaps://dsfw10.domainname:636

User: cn=Administrator,cn=users,dc=domainname

Dirctory type: Active Directory

GUID attribute: objectGUID

Filer account name: sAMAcountName

Group config:

IMAGE_4.png

Result of group with no member:

IMAGE_5.png

Have anybody in the community run filr against dfsw ?

Any idea what going wrong ?

Best Regards Andreas

 

5 Comments
Respected Contributor.
Respected Contributor.

Update if use port 389 i see, the group with active directory notation.

But is also not sync group member !

 

ldap-389-anonymous.PNG

Micro Focus Frequent Contributor
Micro Focus Frequent Contributor
Status changed to: Waiting for Votes
 
Micro Focus Contributor
Micro Focus Contributor

I can confirm that by unknown reason Filr gathers the list of groups but doesn't populate them with members. I have synced several groups from my test lab DSfW into Filr 4.2 but all of them are empty (no users in it).

I'm ready to provide needed help in investigation if needed. I checked ndstrace output and found that Filr doesn't even try to check membership of the group during Import (Sync). Probably this is the root cause.

Respected Contributor.
Respected Contributor.

Hi IvanL,

only den cn=domain user,cn=uers,dc=domain group have member.

 

Micro Focus Contributor
Micro Focus Contributor

Hi @akronawitter 

Yes, only this group filled with users, that was my mistake when I wrote 'all groups are empty'.

Interesting thing happening if you change type of Directory from 'ActiveDirectory' to 'eDirectory' (and LDAP port as well - to 1389/1636, I think you aware of 2 LDAPs running with DSfW?): all groups becomes filled with users! 

It looks like a bug in my understanding.

The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.