Some users are unable to login with their LDAP accounts
search cancel

Some users are unable to login with their LDAP accounts

book

Article ID: 249017

calendar_today

Updated On:

Products

DX NetOps CA Performance Management - Usage and Administration

Issue/Introduction

Some users are unable to login with their LDAP accounts, some are

Environment

Release : 21.2

Component : PM Portal

Cause

a) You have LDAP Groups configured in SsoConfig in the LDAP configuration.

See 10. Group on:

https://techdocs.broadcom.com/us/en/ca-enterprise-software/it-operations-management/performance-management/21-2/securing/single-sign-on/set-up-ldap-authentication.html

b) The user in LDAP is not a member of any of the groups referenced there.

c) Account User Clone is blank.

Resolution

For LDAP Users (Performance Management authenticated users are not impacted by the LDAP configuration)

1.If you only want new users to be created and existing users to be able to log in based on the LDAP group(s), leave Account User Default Clone blank.
    If the user is removed from the LDAP group, they will no longer be able to log in in this case.


2. If you want new users to be created and existing users to be able to log in based on the LDAP group(s), or manually created LDAP (External) users, or existing LDAP users (that were created using LDAP Group(s) but have since been removed from the LDAP group(s)), then Account User Default Clone should be set to {sAMAccountName}.


3. If you want new user accounts to be created for valid LDAP accounts that are not in the LDAP group(s), perhaps to a more limited user, set Account User Default Clone to an existing, and enabled user name to clone.

Powered by Wolken Software