ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Unable to login to CAPC

book

Article ID: 186557

calendar_today

Updated On:

Products

CA Infrastructure Management CA Performance Management - Usage and Administration DX NetOps

Issue/Introduction

With the CAPC configured for ldaps, users are unable to login.  When testing LDAP connectivity in ssoconfig we got the following error:

Could not obtain a DirectoryContext.
javax.naming.NamingException: [LDAP: error code 89 - Simple bind operations are not allowed to contain a bind DN without a password.]

Cause

Backend directory changed by server / ldap team

Environment

Any CAPM version


Resolution

We made the following change to the LDAP Config:

Original config:

SSO Configuration/CA Performance Center/LDAP Authentication:
Connection User: {0}
Connection Password:
Search Domain: ldaps://xx.xx.com:636/o=world
Search String: (extshortname={0})
Search Scope: Subtree
User Bind: Disabled
Encryption: Simple
Account User: {extshortname}
Account User Default Clone: none
Group:
Krb5ConfigFile:
Status: Enabled
Timeout: 10000

We changed "Connection User" to extshortname={0} and we changed Connection Password to {1}

When testing LDAP in SsoConfig it successfully binded and users were able to login