LDAP legacy authentication migration


Article ID: 394399


Products

CA Release Automation - Release Operations Center (Nolio)

Issue/Introduction

The customer needs to remove the connection from the CARA NAC to a legacy LDAP server. This cannot be done through the GUI without removing and recreating many users along with all of their original rights and privileges.

Environment

CA RELEASE AUTOMATION 6.8.0

Resolution

Update the legacy users in the database with one of the two SQL statements below; they can then log in using the new LDAP server.

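-- Option 1: select the legacy users by name (replace each xxx with a user name)
UPDATE users
SET ldap_authenticated = '0'
WHERE username IN ('xxx', 'xxx', 'xxx');

-- Option 2: select every user bound to the legacy LDAP host
UPDATE users
SET ldap_authenticated = '0'
WHERE ldap_host = '<legacy_dc>';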

After this update, check:

1. The users can log in to CARA.

2. On login, no connection is made to the legacy LDAP server.

3. The user records in the users table are updated with the correct LDAP configuration:

    a. ldap_dn field is set correctly and points to the correct user in the new LDAP server

    b. Fields ldap_host, ldap_port, ldap_search_context, ldap_security_context, tbd67_not_imported_ldap are set to NULL

    c. directory_server_id is set to the correct value corresponding to the id of the new LDAP server
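
A read-only query for check 3, added here as an example and not part of the original article. It uses only the table and column names listed above; the 'xxx' user names and `<new_directory_server_id>` are placeholders to replace, and it assumes the rows are inspected after the affected users have logged in.

```sql
-- Added example: per-user status for checks 3a-3c.
-- Placeholders: 'xxx' user names, <new_directory_server_id> (id of the new
-- LDAP server; the article does not give its value).
SELECT
    username,
    ldap_dn,                  -- 3a: compare by hand with the user's DN in the new LDAP server
    directory_server_id,
    CASE
        WHEN ldap_host IS NULL
         AND ldap_port IS NULL
         AND ldap_search_context IS NULL
         AND ldap_security_context IS NULL
         AND tbd67_not_imported_ldap IS NULL
        THEN 'ok'
        ELSE 'legacy fields still set'
    END AS check_3b,
    CASE
        -- A NULL directory_server_id falls through to the ELSE branch.
        WHEN directory_server_id = <new_directory_server_id>
        THEN 'ok'
        ELSE 'wrong or missing server id'
    END AS check_3c
FROM users
WHERE username IN ('xxx', 'xxx', 'xxx')
ORDER BY username;

-- Rows that still reference the legacy host; expected to be 0 once
-- every migrated user record has been updated.
SELECT COUNT(*) AS still_on_legacy_host
FROM users
WHERE ldap_host = '<legacy_dc>';
```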