LDAP or ADFS integration username authenticated, not found in CB EDR user database and attrs not found to create (Invalid credentials)
search cancel

LDAP or ADFS integration username authenticated, not found in CB EDR user database and attrs not found to create (Invalid credentials)

book

Article ID: 287971

calendar_today

Updated On:

Products

Carbon Black EDR (formerly Cb Response)

Issue/Introduction

User is unable to log in with a red error "Invalid credentials" when credentials are correct.

  • With debug logging running, the following message is seen in the coreservices debug log
cb.flask.blueprints.api_routes_ldap - username authenticated, not found in CB EDR user database and attrs not found to create.

Environment

  • EDR Server: All Supported Versions
  • LDAP
  • ADFS

Cause

One of the required user fields is missing in AD

Resolution

The EDR product expects the following information be sent by the AD server

  • username
  • first_name
  • last_name
  • email

If any of these are missing, the user cannot be added even though they had a successful log in.

Additional Information

Powered by Wolken Software