Difference between revisions of "LDAP Error: Invalid credentials"

Jump to navigation Jump to search

LDAP Error: Invalid credentials (view source)

Revision as of 01:26, 7 May 2015

1,465 bytes added ,  01:26, 7 May 2015
major Re-write of Troubleshooting section
m (Added example.)
(major Re-write of Troubleshooting section)
Line 25: Line 25:


== Troubleshooting ==
== Troubleshooting ==
Ensure you are using the correct User ID or password.


Also, you may have incorrect configuration data in your stash fileSee [[arsstash]] for an explanation of stash files, or [[LDAP and Content Manager OnDemand]] for a tutorial.
=== Ensure you are using the correct User ID or password ===
*Content Manager OnDemand uses non-case sensitive passwords by default, while LDAP servers store passwords in a case-sensitive manner.   
*In order to do this, CMOD converts the passwords to uppercase ("PassWord" is changed to "PASSWORD") before hashing them and storing them in the database. 
*Inside the Administrative Client, under System Parameters -> Login Details, in the top-right pane, select "Passwords Case Sensitive".  Any accounts that are excluded from password authentication (ie, the 'admin' account) will need to have their passwords entered in uppercase until they're reset.


The return code 49 indicates that you likely have a configuration issue.
=== Verify your stash file ===
* You may have incorrect configuration data in your stash file.  See [[arsstash]] for an explanation of stash files, or [[LDAP and Content Manager OnDemand]] for a tutorial. 
* Work with your LDAP administrators to determine the proper LDAP string to use in your stash file configuration.


The return code 49 indicates that you likely have an incorrect User ID or password, or possibly a restriction on the LDAP account which is causing the authentication request to fail.  If you're using Microsoft Active Directory, you will need to change your [[ars.cfg]] file to include:
  ARS_LDAP_BIND_ATTRIBUTE=sAMAccountName                                 
  ARS_LDAP_MAPPED_ATTRIBUTE=sAMAccountName                               
=== Turn on server tracing ===
[[File:Trace LDAP.png|right|thumb|500px|Enabling System Trace to troubleshoot LDAP issues]]
Change the trace.settings configuration file to include the following string:
  TRACE_FILE_LEVELS=ALL=3,LDAP=15
And make the change to tracing through the Content Manager OnDemand Administrative Client.
=== LDAP Return Codes ===


{| class="wikitable"
{| class="wikitable"
Retrieved from "https://CMOD.wiki/index.php?title=Special:MobileDiff/179"

Navigation menu