cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

End User Logon cannot verify LDAP account/password

Go to solution
Former Member

on ‎11-14-2014 10:36 AM

0 Kudos

Hi GRC experts

Here I connected to LDAP server successfully and can query AD account from AD server. But  the end user verification via LDAP server does not work. It pops up an error message and says that "Invalid user credentials". Can someone please tell me what I need to check further? Thanks a lot

Best regards

James

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

former_member193066
Active Contributor
‎11-14-2014 11:28 AM
0 Kudos

Go to Data source disable authentication try without password.

Check if binding is successful.

They enable and try with your password.

Regards,

Prasant

Show replies
Show replies
Former Member
‎11-15-2014 10:11 AM
0 Kudos

Hi Prasant


Yes, I tested to disable verification without password and it can work, the LDAP binding is sucessful. But it cannot verify account with password


Best regards

James

former_member193066
Active Contributor
‎11-16-2014 4:41 AM
0 Kudos

Check your Base entry and there is note for LDAP binding how to test.

1978357 - User Search from LDAP: Checking if LDAP Authentication and Binding is successful

Prasant

Former Member
‎11-18-2014 3:41 AM
0 Kudos

Hi Prasant and Abhi

Thanks for your help, now the LDAP verification can work.

I traced the code and found that the root cause is because of the LDAP Group parameter setting. We must configure the parameter "LDAP_END_USER_AUTH_SUFFIX" and set the value empty.

If you don't configure "LDAP_END_USER_AUTH_SUFFIX", the program will automatically bind user with "@+LDAP IP" and use the new user ID to try to login LDAP server.

Best regards

James

Former Member
‎11-18-2014 8:33 AM
0 Kudos

Additional remarks, the value of LDAP_END_USER_AUTH_SUFFIX should be "@+Domain Name"

Answers (1)

Answers (1)

Former Member
‎11-15-2014 6:27 PM
0 Kudos

Hi James,

Go to transaction code LDAP -> LDAP connectors.

Make connector is active under status.

Regards,

Abhi

Show replies
Show replies
Ask a Question