Unable to login to CAPC
Article ID: 186557
Updated On:
Products
CA Infrastructure Management
CA Performance Management - Usage and Administration
DX NetOps
Issue/Introduction
With the CAPC configured for ldaps, users are unable to login. When testing LDAP connectivity in ssoconfig we got the following error:
Could not obtain a DirectoryContext.
javax.naming.NamingException: [LDAP: error code 89 - Simple bind operations are not allowed to contain a bind DN without a password.]
Environment
Any CAPM version
Cause
Backend directory changed by server / ldap team
Resolution
We made the following change to the LDAP Config:
Original config:
SSO Configuration/CA Performance Center/LDAP Authentication:
Connection User: {0}
Connection Password:
Search Domain: ldaps://xx.xx.com:636/o=world
Search String: (extshortname={0})
Search Scope: Subtree
User Bind: Disabled
Encryption: Simple
Account User: {extshortname}
Account User Default Clone: none
Group:
Krb5ConfigFile:
Status: Enabled
Timeout: 10000
We changed "Connection User" to extshortname={0} and we changed Connection Password to {1}
When testing LDAP in SsoConfig it successfully binded and users were able to login
Original config:
SSO Configuration/CA Performance Center/LDAP Authentication:
Connection User: {0}
Connection Password:
Search Domain: ldaps://xx.xx.com:636/o=world
Search String: (extshortname={0})
Search Scope: Subtree
User Bind: Disabled
Encryption: Simple
Account User: {extshortname}
Account User Default Clone: none
Group:
Krb5ConfigFile:
Status: Enabled
Timeout: 10000
We changed "Connection User" to extshortname={0} and we changed Connection Password to {1}
When testing LDAP in SsoConfig it successfully binded and users were able to login
Feedback
Yes
No
Powered by
