search cancel

Does Spectrum and Oneclick support "O" notation used with OpenLDAP / OpenOTP for authentication?

book

Article ID: 216499

calendar_today

Updated On:

Products

CA Spectrum

Issue/Introduction

In the past we've setup Oneclick successfully with MS Active Directory.

However, we now have a customer that uses openotp, which does not uses the DC notation, but the O notation.

Which means the Base User directory is like: cn=spectrum_oneclick,ou=Groups,o=Root and the connection name like

cn=spectrum,ou=Mgmt,o=Root.

We now always get the error: SPC-OCA-10488: Either the user name does not exist in the external authentication database or the entered password is Invalid.

Can you confirm this should work with the O notation as well and Openldap systems?

 

Environment

Release : 20.2.x, 10.x

Component : Spectrum Core / SpectroSERVER

Cause

Spectrum and EEM do not support the "O" Notation

Resolution

Spectrum and EEM do not support an "0" notation that is being used by OpenLDAP, we only support the standard "dc" notation that is used in LDAP.

 

Additional Information

As an alternative the customer can use Siteminder to integrate with Spectrum and use radius / tacacs authentication instead of LDAP.