8 Replies Latest reply on Feb 25, 2014 5:00 PM by Brian Soncrant

    Issues populating roles with LDAP Synchronization

    Brian Soncrant

      We are trying to setup LDAP Synchronization with RBAC Roles and for some reason the Users aren’t being populated within the roles after running synchronization on the role.

       

      When I use ldapsearch from the app server, my queries seem fine:

       

      We are on Version of 8.2.1 of BSA.

       

      LDAPSEARCH Group Query on Server:

      [root@vxpid-eblogc05 /]# ldapsearch -hldapintdev-01.lmig.com -p389 -Duid=cp_atrium_orchestrator,ou=People,o=Applications,o=Intranet -wXXXXXXX -b"cn=products,ou=groups,o=liberty,o=intranet" -ssub "(cn=cp_atrium_orchestrator_admin)" "uniqueMember"
      # extended LDIF
      #
      # LDAPv3
      # base <cn=products,ou=groups,o=liberty,o=intranet> with scope sub
      # filter: (cn=cp_atrium_orchestrator_admin)
      # requesting: uniqueMember
      # with pagedResults control: size=100
      #

      # cp_atrium_orchestrator_admin, Products, Groups, Liberty, Intranet
      dn: cn=cp_atrium_orchestrator_admin,cn=Products,ou=Groups,o=Liberty,o=Intranet
      uniqueMember: uid=n0065285,ou=People,o=Liberty,o=intranet
      uniqueMember: uid=n0211476,ou=People,o=Liberty,o=intranet
      uniqueMember: uid=n0134801,ou=People,o=Liberty,o=intranet
      uniqueMember: uid=n0002501,ou=People,o=Liberty,o=intranet
      uniqueMember: uid=n0218343,ou=People,o=Liberty,o=intranet

      # search result
      search: 2
      result: 0 Success

      # numResponses: 2
      # numEntries: 1
      [root@vxpid-eblogc05 /]#

       

      LDAPSEARCH User Query on Server:

      [root@vxpid-eblogc05 /]# ldapsearch  -hldapintdev-01.lmig.com -p389 -Duid=cp_atrium_orchestrator,ou=People,o=Applications,o=Intranet -wXXXX -b"ou=People,o=Liberty,o=Intranet" -ssub "(uid=n0065285)" "uid"
      # extended LDIF
      #
      # LDAPv3
      # base <ou=People,o=Liberty,o=Intranet> with scope sub
      # filter: (uid=n0065285)
      # requesting: uid
      # with pagedResults control: size=100
      #

      # n0065285, People, Liberty, Intranet
      dn: uid=n0065285,ou=People,o=Liberty,o=Intranet
      uid: n0065285

      # search result
      search: 2
      result: 0 Success

      # numResponses: 2
      # numEntries: 1
      [root@vxpid-eblogc05 /]#

       

      Here are the settings for the Group Query in the UI:

      group.png

      Here are the settings for the User Query in the UI:

      group.png

      LDAP Connection in UI:

      group.png

      Group Mappings in Role:

      group.png