Highlighted
Absent Member.
Absent Member.
722 views

LDAP mapping

Hi,

I am trying to configure LDAP mapping in Service Center.
Under fie/field settings what values should i give for LDAP Base Attr String? Please provide some examples if possible.

Thanks in advance,
Keer
Tags (1)
0 Likes
17 Replies
Highlighted
Established Member..
Established Member..

Re: LDAP mapping

We have implemented LDAP mapping only for login purposes so far. We authenticate through Windows Active Directory. In the LDAP Base I have "objectclass=user" which I belive is the object class in AD.
0 Likes
Highlighted
Established Member..
Established Member..

Re: LDAP mapping

Hi Keer,

Attached is how ours is setup.

hope this helps...
-Mark
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: LDAP mapping

HI,

Thanks for your replies.I have made the necessary changes.
But after creating a user in Active Directory when i try to login with that username and password in SC its giving me an error saying invalid logon/password.
Can you please help?
0 Likes
Highlighted
Established Member..
Established Member..

Re: LDAP mapping

Hi Keer,

For my users, they've keyed-in their user ID in uppercase or made some sort of typographic error.

hope this helps...
-Mark
0 Likes
Highlighted
Established Member..
Established Member..

Re: LDAP mapping

they still have to have a SC operator record (unless one is automatically created for them as in ESS).
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: LDAP mapping

Hi,

Thanks for your replies. I have found in the sc.log file the following message

2848( 3496) 08/20/2007 14:21:14 RTE I SASL BIND for falcon returned 49 (Invalid credentials)

From the above message i could understand that ldapbinddn parameter is not taking the value i have specified. Can you tell me what kind of value i should be giving for ldapbinddn and ldapbindpass?

Regards,
Keer
0 Likes
Highlighted
Established Member..
Established Member..

Re: LDAP mapping

Falcon probably does not exist in your LDAP source. Create an account with your login name from your LDAP source - probably keer - giving you all the same rights as falcon. Then login with keer and your LDAP source password.
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: LDAP mapping

Hi Cliff,

Thanks for the help. I already created a valid account for falcon in LDAP, still its not working.Below is the format i used for ldapbinddn parameter in sc.ini file.

ldapbinddn:uid=falcon,dc=SI-EMS,dc=com

It gives me error 49 saying invalid credentials. Is it the correct format for ldapbinddn parameter?

Thanks and Regards,
Keer
0 Likes
Highlighted
Established Member..
Established Member..

Re: LDAP mapping

Error code 49 suggest either an incorrect DN or the password has expired or the account is otherwise locked.

I also noticed that you do not specify where to find falcon in your AD tree. We specify two OU variable. This may be differeces in how our tree is set up but may also be contributing.
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: LDAP mapping

Hi Cliff,

This time i was able to do the binding successfully.Follwing was the message displayed in the log file

RTE I SASL BIND for cn=keerthi keerthi,ou=infy,dc=SI-EMS,dc=com returned 0 (Success)

However when i try to login to SC with the above Username who is not a operator in SC, it gives me invalid username/password error
and in the log file i could observe

RTE D |OpenLDAP| result errno 1, error <00000000: LdapErr: DSID-0C0905FF, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece>, matched <>

thanks,
Keer
0 Likes
Highlighted
Established Member..
Established Member..

Re: LDAP mapping

Hi,

It's my understanding that once you switch-on LDAP, it first looks for a valid operator in SC, then authenticates using the LDAP password. Try creating the operater in SC... the password won't matter on the operator while you have LDAP enabled.

hope this helps...
-Mark
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.