Highlighted
Andrei Stefanescu Contributor.
Contributor.
53 views

SecureLogin + Advanced Authentication

Hello,

 

I have a strange issue regarding SecureLogin (8.7) + Advanced Authentication (6.2) + AD LDS and could use any ideas.

I installed LDS and connected SecureLogin to it. Everything works as intended. User applications are showing up on every station when the user logins. 

I tried adding the AD LDS repository in AA, but get an error "cannot bind to LDAP. invalid credentials".

Using the same account i'm able to add the AD repository (i should mention that the account i'm using is the admin account for AD LDS so this does not really make sense - any help regarding this AD LDS repo would be appreciated).

 

Now the issue i'm facing: 

I have SECURE LOGIN > AD LDS > AD 

And i have AA > AD

When i try to reauthenticate for a specific application in SecureLogin, i get the popup asking for Security Questions (that's the chain i chose) and i see the Security Question. When i enter the correct answer i get an error (incorrect).

If i use the same chain directly in AA (for instance in the Authenticator Login) and enter the same answer - i'm logged in.

The whole setup acts as if the AA user and the SecureLogin user are not the same (even though the full path for the user is the same in the AA reauthentication popup and in SecureLogin).

 

My questions: 

1) should it work with AA using AD repo and SecureLogin using AD LDS ? If so, what am i doing wrong ?

2) if i should use AD LDS repo in AA, what could be the reason for this "invalid credentials" error ?

 

 

Thank you.

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.