 |
|||||
|
As of December 1, 2020, Focal Point is retired and repurposed as a reference repository. We value the wealth of knowledge that's been shared here over the years. You'll continue to have access to this treasure trove of knowledge, for search purposes only. Join the TIBCO Community
Former myibi community members should have received an email on 8/3/22 to activate their user accounts to join the community. Check your Spam folder for the email. Please get in touch with us at community@tibco.com for further assistance. Reference the community FAQ to learn more about the community. | |||||
Read-Only TopicGo | Search | Notify | Tools |
| [Solved] AD SETTINGS | Login/Join |
| Guru |
Hi, I am configuring webfocus to use active directory and would like to know how to set up the value : ldap_user_base . I put the value as follow but it did not work: o=users,dc=dudelange,dc=guardian,dc=corp any idea. Regards.This message has been edited. Last edited by: Majid Jeddi, WebFocus 7.6.5 AND WebLogic server as web server sql2005 as database server | ||
|
| Expert |
Should be "ou" T
| |||||||||
|
| Guru |
Hi Tony, Yes i corrected that and it is not working. I have and LDAP connection tester and used it to verify all the information i have entred and it is working there. I am getting a message invalid credential. Regards. WebFocus 7.6.5 AND WebLogic server as web server sql2005 as database server | |||
|
| Virtuoso |
Can you post your entire connection string as seen in the edasprof.prf? Remove the password. "There is no limit to what you can achieve ... if you don’t care who gets the credit." Roger Abbott | |||
|
| Guru |
Hi Dhagen, here is the connection from EDASPROF ENGINE X500IN SET CONNECTION_ATTRIBUTES CON01 280dc01/280webfocustest, here i used to have the password:'PORT 389 UDNBASE "OU=users,DC=dudelange,DC=guardian,DC=corp" UDNATTRIBUTE uid' Thanks WebFocus 7.6.5 AND WebLogic server as web server sql2005 as database server | |||
|
| Virtuoso |
Based on your settings, I would assume that your distinguishedName is: uid=280webfocustest,OU=users,DC=dudelange,DC=guardian,DC=corp Is this true? For example, the distinguishedName of the userid I use to connect is: CN=adminuser,OU=USERS,OU=DEVELOPMENT,OU=INT,DC=mydomain,DC=com So my connection string is: ENGINE X500IN SET CONNECTION_ATTRIBUTES ADCONDEV ldap.mydomain.com/adminuser,somepassword:'PORT 389 UDNBASE "ou=users,ou=development,ou=int,dc=mydomain,dc=com" UDNATTRIBUTE cn' The biggest issue I see when people try to set this type of connection up is when the connection string does not match the distinguishedName. "There is no limit to what you can achieve ... if you don’t care who gets the credit." Roger Abbott | |||
|
| Silver Member |
The "user dn attribute" needs to be cn - not uid. prod: WF 8.1 On Win2012 database: msSQL2012 test: identical to prod | |||
|
| Guru |
Hi Dhagen, Yes that is true and this is the message I am getting: (FOC36718) Failure to bind to LDAP server : Invalid Credentials Regards. WebFocus 7.6.5 AND WebLogic server as web server sql2005 as database server | |||
|
| Virtuoso |
Try one thing: Manually edit the edasprof.prf, and replace the encrypted password with the real clear text password. Then save the file and go to the console and test the adaptor (without opening the properties). I had an installation in the past where the password wouldn't decrypt properly for AD. If this does not work, then open a case with NY. In my experience, this is pointing to an invalid distinguishedName. "There is no limit to what you can achieve ... if you don’t care who gets the credit." Roger Abbott | |||
|
| Silver Member |
Did you try changing the user dn attribute to cn? You will notice in the example dhagen posted that the user attibute is cn - not uid. We also use AD. When everything was correct with the credentials I received the same error you did when using anything but cn as the attribute. Both uid and sAMAccountName result in an invalid credentials error. prod: WF 8.1 On Win2012 database: msSQL2012 test: identical to prod | |||
|
| Guru |
Hi, It is really frustrating to read the documentation and not succeed to establish the connection to AD directory. I am with my network administrator and had made sure that the information we are entring are correct. As i have mentionned in my earlier posts we used an LDAP tool to verify that the parameter required by webfocus are correct. Any idea?. Regards. WebFocus 7.6.5 AND WebLogic server as web server sql2005 as database server | |||
|
| Silver Member |
This is a connection string that works. The User Name is the display name - not the alias. For example, this user's alias is wfldap - but using that (instead of "WF Email LDAP") will result in the error you have. The base also has to be where the user account you are using is located. And the user attribute needs to be cn. ENGINE X500IN SET CONNECTION_ATTRIBUTES PIPELINE pipeline/WF Email LDAP,xxxxxxxxxxx:'PORT 389 UDNBASE "ou=service accounts, dc=discoverdsc, dc=com" UDNATTRIBUTE CN' prod: WF 8.1 On Win2012 database: msSQL2012 test: identical to prod | |||
|
| Guru |
Hi, While configuring the LDAP adapter i have entered the following information: cn=users,dc=dudelange,DC=guardian,dc=corp and for the user instead of uid i have entered cn and could make it work. Now i went to the access control menu and wanted to enable the LDAP security by entering the same info and it does not work. I got "autehntication failed". Now how can things work in one page and do not work elsewhere? Confusing!!!! Regards. WebFocus 7.6.5 AND WebLogic server as web server sql2005 as database server | |||
|
| Virtuoso |
To the best of my knowledge - based purely on my experience and no documentation that says any of the following, this is a two step process. Not only must the authentication happen, but it also performs a bind using the DN. The LDAP security module connects like most standard LDAP tools, hence the differences. Remember, that one is set up to retrieve content from AD, while the other is set to perform security search and look ups. "There is no limit to what you can achieve ... if you don’t care who gets the credit." Roger Abbott | |||
|
| Silver Member |
If this is Microsoft LDAP and you post exactly what you used for the attributes under the three tabs, I may be able to help you prod: WF 8.1 On Win2012 database: msSQL2012 test: identical to prod | |||
|
| Guru |
I can send you screen shots of our LDAP settings as they are configured for MS Active Directory. These are from the Webconsole's Workspace - Access Control section. Will that help? If so, send me a private message with an e-mail address. Cheers, Dan 7.7.05M/7.7.03 HF6 on Windows Server 2003 SP2 output to whatever is required. | |||
|
| Guru |
Hi, Thanks to all of you for the support and idea you have exchanged with me. With all the suggestion you made and some testing i could make LDAP/AD work corrcetly and here are the settings i have entered: ldap_user_base :cn=users,dc=dudelange,DC=guardian,dc=corp ldap_user_attribute :sAMAccountName The last settings was the cause. Regards. WebFocus 7.6.5 AND WebLogic server as web server sql2005 as database server | |||
|
| Powered by Social Strata |
 | Please Wait. Your request is being processed... |
Read-Only TopicCopyright © 1996-2020 Information Builders
| View $GS_USERNAME's Public Profile |
| Add $GS_USERNAME to my Ignore List |
| View Recent Posts by $GS_USERNAME |
| Notify me of New Posts by $GS_USERNAME |