Catalogs not pulling in groups from LDAP authentication
I have successfully set up LDAP authentication, and when I authenticate as a test user who is part of our OU Developers, I thought it would create the Developers group under the Groups section but that didn't happen. Is there anything I should be checking?
Here is our "Base Container"
OU=Developers,OU=Users,OU=Northwoods - Main Location,DC=Northwoodsoft,DC=com
Keyboard shortcuts
Generic
| ? | Show this help |
|---|---|
| ESC | Blurs the current field |
Comment Form
| r | Focus the comment reply box |
|---|---|
| ^ + ↩ | Submit the comment |
You can use Command ⌘ instead of Control ^ on Mac
Support Staff 1 Posted by Anton Gogolev on 30 Nov, 2017 04:22 PM
Nathan,
Are you able to sign in to HgLab using LDAP credentials?
2 Posted by nathan.grier on 30 Nov, 2017 05:26 PM
Yes, LDAP authentication works, we tested this with a known AD account that belonged to the Developers group. The initial login did not let me into the Dashboard, but rather just refreshed the page. When I logged in as the administrator, the test account was created in the Users section so I granted it Collaboration privileges. When I logged out as the admin and logged back in as the test account, I could see the dashboard. So everything at the account level seems to be working.
Support Staff 3 Posted by Anton Gogolev on 01 Dec, 2017 10:24 AM
Nathan,
So none of the LDAP groups got synchonized or is it just the Developers
group? Anything fishy in HgLab logs?
4 Posted by nathan.grier on 01 Dec, 2017 03:41 PM
Well, we only have that user in the Developers group, which is in the Users OU so I'm assuming it should at least pull in those to containers as "groups". I tried logging in again this morning and the only error message I saw in global.log was
HgLab.Core.Framework.Appcast.AppcastManager - could not check for updates
followed by a stack trace. I can provide logs if you would like.
Support Staff 5 Posted by Anton Gogolev on 05 Dec, 2017 09:35 AM
Nathan,
No, Appcast is irrelevant here.
Can we schedule a TeamViewer session for me to diagnose the issue?
6 Posted by nathan.grier on 05 Dec, 2017 09:05 PM
Sure, how do you normally set that up? Do you just want to e-mail me privately?
Support Staff 7 Posted by Anton Gogolev on 06 Dec, 2017 10:07 AM
Nathan,
I've switched this discussion to Private mode, so you can send TV
credentials here.
I'm available for the next 6 hours or so today.
8 Posted by nathan.grier on 06 Dec, 2017 06:05 PM
Anton,
I'm not available today to do any testing, do you have any time tomorrow?
Support Staff 9 Posted by Anton Gogolev on 07 Dec, 2017 08:09 AM
Nathan,
Sure. Ping me whenever you are ready. Hopefully, our time zones are at
least somewhat compatible