Muhammad Asif 3 Posted December 21, 2021 Share Posted December 21, 2021 after LDAP setup. 2 admin accounts works others do not work, they are in the same admin group. can anyone help on this issue. Link to comment Share on other sites More sharing options...
Naeem Sufi 3 Posted December 21, 2021 Share Posted December 21, 2021 Check their properties in ldap , also check their permissions (effective permissions) see whats different from IDS that work this may give you clues Link to comment Share on other sites More sharing options...
Muhammad Asif 3 Posted December 21, 2021 Author Share Posted December 21, 2021 permissions are same. how can I check IDS Link to comment Share on other sites More sharing options...
Muhammad Asif 3 Posted December 21, 2021 Author Share Posted December 21, 2021 ALL admin users are in same active directory group. should have same rights. I have removed one user from security center and it should Auto added it but still I do not see it. Link to comment Share on other sites More sharing options...
Debra Waybright Posted December 22, 2021 Share Posted December 22, 2021 Check settings in the Server Administration - Access Control. Is LDAP the primary security provider Are all the accounts in the Server Administrator Role Link to comment Share on other sites More sharing options...
Muhammad Asif 3 Posted December 22, 2021 Author Share Posted December 22, 2021 All users are in administration AD group. LDAP is primary security provide also. we removed one user from webfocus user list to check if gets auto added but it still not there. is the settings in screen shot correct Link to comment Share on other sites More sharing options...
Muhammad Asif 3 Posted December 22, 2021 Author Share Posted December 22, 2021 can we make changes to admin.cfg file as in previous version to make them similar Link to comment Share on other sites More sharing options...
Debra Waybright Posted December 22, 2021 Share Posted December 22, 2021 Im not entirely certain, but I think you need to have the User Authorization External Only radio button clicked, not the Internal. Or maybe Internal and External. You may need to reach out to support for help with the settings. We did. Link to comment Share on other sites More sharing options...
Martin Yergeau Posted December 22, 2021 Share Posted December 22, 2021 According to my settings where I have LDAP and SSO image.png771367 23.7 KB image.png782319 24 KB image.png776346 26 KB Otherwise follow Debra suggestion and call TechSupport Link to comment Share on other sites More sharing options...
Brian Suter Posted December 22, 2021 Share Posted December 22, 2021 Autoadd happens when the user attempts to log in (and autoadd is enabled). And do you have a WebFocus group which has admin privileges and is mapped to the ldap group you are using to control WF admins Link to comment Share on other sites More sharing options...
Toby Mills Posted December 22, 2021 Share Posted December 22, 2021 Suggest you read Chapter 4 in the security manual. image.png793755 72.3 KB Its easy to get turned around on the names Authentication versus Authorization image.png797391 53.5 KB The External Group Mapping that Brian is talking about is in here too: image.png824584 68.7 KB I think Id change our checkbox about Account Creation to only add people who are tied to a mapped group from LDAP: image.png809548 69.9 KB Use Martins example That should work for you. Link to comment Share on other sites More sharing options...
SATHEESH B Posted December 22, 2021 Share Posted December 22, 2021 You want to use LDAP for Authentication and LDAP Group for Authorization. Create LDAP Connection On the Reporting Server. Make sure to choose the Primary or Secondary. Primary doesnt require prefix with username and it will be default for authentication and Secondary Required Prefix. Set the Connection Trusted . in the WF Admin console Enable External Security. If you want to manage the users choose internal authorization . If you want to manage the users from external group choose internal and external or External. Save and restart the client. If you want to use external group then you have to map the external group with WF Domain Group. In the WFClient Security Center choose the group and create a subgroup called external Do not map the External group directly to parent group. mapping will allow only user from the mapped group you cant add any users manually. If there is a problem with external security you cant make changes. Select the wf group external and map the External group. if you cant find the group then there is a problem with the external connection. Security changes required restart check the logs for any issue. if you still have issue you may need to reach out tech support . Link to comment Share on other sites More sharing options...
Muhammad Asif 3 Posted December 22, 2021 Author Share Posted December 22, 2021 Thanks All I have figured it out, getting error incorrect user and password means its not configuration issue, I think Issue is with password some type of passwords webfocus does not like. Link to comment Share on other sites More sharing options...
Naeem Sufi 3 Posted January 11, 2022 Share Posted January 11, 2022 Yes WebFocus does not allow special Characters Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now