When trying to assign LDAP groups to an ACL in IM I get the error "Cannot list LDAP groups"


Article ID: 93210


Products

DX Unified Infrastructure Management (Nimsoft / UIM)

Issue/Introduction

In IM (or Admin Console), you can assign LDAP groups to ACLs via Security -> Manage Access Control List... -> Set LDAP group. In some environments this can cause IM (or Admin Console) to report the error "Cannot list LDAP groups" without further information on the problem.

Environment

Any current UIM version

Cause

The IM thick client is expected to display the "Cannot list LDAP groups" error when there are many LDAP groups configured on AD. This can be mitigated via the 'filter_group' key in the AD Template section of the hub.cfg.

Resolution

The workaround for this issue is to filter the list of LDAP groups by modifying the 'filter_group' parameter in the hub configuration:

1. Back up the hub.cfg on the target hub that will perform the LDAP authentication
2. Open the hub.cfg and update the 'filter_group' key

Default Value: (objectClass=group)

Updated Value to list group 1 and 2: (&(objectCategory=group)(|(cn=grp1)(cn=grp2)))

OR

Updated Value to list all groups starting with 'grp': (&(objectCategory=group)(cn=grp*))

3. Save the change and restart the Hub
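
The following is an added example, not part of the original article: it generates the two filter shapes from step 2 for any list of group names, escaping the RFC 4515 special characters so a group name cannot change the filter's structure, and checks that a hand-edited value is a single well-formed filter before it is saved to hub.cfg. The function names and sample group names are assumptions.

```python
# Added example: build and sanity-check a value for the hub.cfg 'filter_group' key.
# Function names are hypothetical; group names used with them are constructed samples.

# RFC 4515 characters that must be escaped inside an assertion value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_value(value):
    """Escape a literal group name so it cannot alter the filter structure."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def group_filter(names=(), prefix=None):
    """Return a group filter matching exact cn values and/or one cn prefix."""
    terms = ["(cn=%s)" % escape_value(n) for n in names]
    if prefix is not None:
        if not prefix:
            raise ValueError("empty prefix would match every group")
        # Only the trailing '*' is a wildcard; the prefix itself is escaped.
        terms.append("(cn=%s*)" % escape_value(prefix))
    if not terms:
        raise ValueError("no groups given; the filter would be unrestricted")
    selector = terms[0] if len(terms) == 1 else "(|" + "".join(terms) + ")"
    return "(&(objectCategory=group)%s)" % selector


def is_single_filter(text):
    """True if text is one parenthesised filter with balanced parentheses."""
    depth = 0
    for i, ch in enumerate(text):
        if ch == "(":
            depth += 1
        elif ch == ")":
            depth -= 1
            # Closing too early, or closing the outer filter before the end.
            if depth < 0 or (depth == 0 and i != len(text) - 1):
                return False
        elif depth == 0:
            return False  # stray text outside the parentheses
    return depth == 0 and bool(text)


if __name__ == "__main__":
    for value in (group_filter(["grp1", "grp2"]), group_filter(prefix="grp")):
        print(value, is_single_filter(value))
```
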