Do not input private or sensitive data. View Qlik Privacy & Cookie Policy.
Skip to main content

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Talend Cloud AWS EU Scheduled Outage: Starting Tues 26 May 21:00 CEST with expected completion Wed 27 May 01:00 CEST
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
eghigo977
Contributor
Contributor
‎2023-04-13 06:44 AM

Users not retrieved when connecting to an LDAPS server with Advanced LDAP

Hello,

We are facing an issue when trying to connect to an LDAPS server via an Advanced LDAP connection. Currently we are using an Active Directory connection to connect to the LDAP server which works perfectly fine. However, due to company policies, we need to start using a secure LDAP (LDAPS) service.

The sync finishes successfully so the connection to the LDAPS server is happening, however no users or groups are retrieved from the server as per the log below.

5081 20230413T095524.990+0000 INFO HOSTNAME UserManagement.Repository.Repository.Users.UserSyncEngine 25 cc852403-8871-4949-a61f-62f1bc8786a6 USERNAME Started synchronizing all users for 2f47fcf9-ae5a-42f4-a537-421fce67c6ac cc852403-8871-4949-a61f-62f1bc8786a6
5082 20230413T095524.990+0000 INFO HOSTNAME UserManagement.Repository.Repository.Users.SyncUsersWorker 25 1532b1b6-f8e6-4470-9875-b9c70b955f1c USERNAME Started syncing users 1532b1b6-f8e6-4470-9875-b9c70b955f1c
5083 20230413T095525.225+0000 INFO HOSTNAME UserManagement.Repository.Repository.Users.Support.SyncUserRepository 25 6558a938-89b3-4d07-9e42-22781ed1052c USERNAME Database done with 0 users and 0 groups in user directory (DOMAIN, 2f47fcf9-ae5a-42f4-a537-421fce67c6ac) 6558a938-89b3-4d07-9e42-22781ed1052c
5084 20230413T095525.334+0000 INFO HOSTNAME UserManagement.Repository.Repository.Users.SyncUsersWorker 25 a0cf6144-3024-4041-974c-965e32a52141 USERNAME Ended saving users in repository a0cf6144-3024-4041-974c-965e32a52141
5085 20230413T095525.334+0000 INFO HOSTNAME UserManagement.Repository.Repository.Users.UserSyncEngine 25 4aca1f56-4362-4b10-a66a-696e7170bc60 USERNAME Finished synchronizing all users for 2f47fcf9-ae5a-42f4-a537-421fce67c6ac 4aca1f56-4362-4b10-a66a-696e7170bc60

 When using the exact same setting an an LDAP browser, I can see the list of users available in the particular directory. Below are the settings used in the Advanced LDAP connector.

  • User directory name: the directory name
  • Host: ldaps.xxxxx.com:636
  • Username: email address
  • Password: password
  • Timeout(seconds): 500
  • BasDN: OU=AADDC Users,DC=xxxxx,DC=com

All other setting were left to the default values, so we're not sure if we need to do some changes also to some other configs.

 

Labels (1)
Labels
849 Views
0 Likes
1 Reply
Jay_Brown
Support
Support
‎2023-05-02 01:00 PM

Hello @eghigo977 ,

You could try removing the port from the LDAPS path as shown here:
https://community.qlik.com/t5/Official-Support-Articles/Requirements-To-Establish-UDC-Connectivity-U... 

As the connection succeeds I'm sure the certificate has been installed, correct?
https://community.qlik.com/t5/Official-Support-Articles/Qlik-Sense-User-Directory-Connector-LDAPS-Su... 

=

To help users find verified answers, please don't forget to mark a correct resolution or answer to your problem or question as correct.
670 Views
0 Likes