EDR: LDAP or ADFS integration username authenticated, not found in CB EDR user database and attrs not found to create (Invalid credentials)


Article ID: 287971


Products

Carbon Black EDR (formerly Cb Response)

Issue/Introduction

The user cannot log in and sees a red "Invalid credentials" error even though the credentials are correct.
  • With debug logging enabled, the following message appears in the coreservices debug log:
cb.flask.blueprints.api_routes_ldap - username authenticated, not found in CB EDR user database and attrs not found to create.

Environment

  • EDR Server: All Supported Versions
  • LDAP
  • ADFS

Cause

One of the required user fields is missing in AD.

Resolution

The EDR product expects the AD server to send the following information:
  • username
  • first_name
  • last_name
  • email
If any of these are missing, the user cannot be added even though the login succeeded.
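
To find which accounts would hit this condition, the check below parses LDIF output (as printed by ldapsearch) and lists the required fields each user lacks. It is an added example, not Carbon Black code; the mapping of the four fields to sAMAccountName, givenName, sn and mail is an assumption, and the sample entries are constructed.

```python
import base64
import re

# Assumption: the EDR fields map to these common AD attribute names. The real
# mapping is whatever the LDAP/ADFS integration is configured to send.
REQUIRED = {"username": "sAMAccountName", "first_name": "givenName",
            "last_name": "sn", "email": "mail"}

# Constructed sample in ldapsearch LDIF form (not real directory data).
SAMPLE_LDIF = """\
dn: CN=Alice Example,OU=Users,
 DC=example,DC=test
sAMAccountName: alice
givenName: Alice
sn: Example
mail: alice@example.test

dn: CN=Bob Example,OU=Users,DC=example,DC=test
sAMAccountName: bob
givenName:: Qm9i
mail:
"""

def parse_ldif(text):
    """Parse LDIF text into a list of {attribute: [values]} dicts."""
    lines = re.sub(r"\r?\n ", "", text).splitlines()  # unfold wrapped lines
    entries, current = [], {}
    for line in lines + [""]:               # trailing "" flushes the last entry
        if not line.strip():
            if current:
                entries.append(current)
            current = {}
        elif not line.startswith("#") and ":" in line:
            name, _, rest = line.partition(":")
            if rest.startswith(":"):        # "attr:: value" is base64-encoded
                rest = base64.b64decode(rest[1:].strip()).decode("utf-8", "replace")
            current.setdefault(name.lower(), []).append(rest.strip())
    return entries

def missing_fields(entry):
    """Return the EDR fields whose attribute is absent or empty in this entry."""
    return [field for field, attr in REQUIRED.items()
            if not any(entry.get(attr.lower(), []))]

def report(ldif_text):
    """Map each username (or DN) to the required fields it lacks."""
    found = {(e.get("samaccountname") or e.get("dn") or ["?"])[0]: missing_fields(e)
             for e in parse_ldif(ldif_text)}
    return {user: miss for user, miss in found.items() if miss}
```

Calling report(SAMPLE_LDIF) flags only bob, whose sn attribute is absent and whose mail attribute is present but empty.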

Additional Information

EDR: How to Enable Debug Logging for LDAP Configuration
EDR: How to enable Verbose Debugging for SSO/SAML