Hi!
Now, who can help me with this challenge?
Setup
We have one Qlik Sense (Nov 2017) server, but have users in two different AD-servers.
The Qlik server belongs to the AD-1 domain, but is set up with 2 User Directory Connectors:
- LDAP://domain1.com, username1, password1
- LDAP://domain2.com, username2, password2
Currently, none of them have any LDAP filters, so we get all the users in both directories.
Both are running (we have traced the network traffic) and they are both importing users, which we can see in QMC under Users:
- User Ada AD-1 userA Inactive=No Blocked=No Removed externally=No
- User Bob AD-2 userB Inactive=No Blocked=No Removed externally=No
Logging in
When User Ada goes to https://qlik.company.com/, she gets redirected to https://qlik.company.com:4244/windows_authentication/?targetId=....and gets the popup login box. Ada can log in by using both 'userA' and 'AD-1\UserA'.
When User Bob goes to the same address: https://qlik.company.com/, he too gets redirected to https://qlik.company.com:4244/windows_authentication/?... and gets the password box.
But when entering a user and password, the login box just reappears.
To verify, we have cross-checked where the user is sitting when logging in, with what domain he/she is using:
Logging from a PC in:
Logging in as:
| Domain 1 | Domain 2 |
|---|
| AD-1\UserA | Works | Works |
| AD-2\UserB | Doesn't work | Doesn't work |
| | |
LDAP verification
Using powershell ´System.DirectoryServicees.Protocols.LdapConnection.Bind´ on the Qlik Sense server, I have tested users and passwords.
Both users return success, so I cannot see that there is any network, firewall etc issues.
Qlik Sense and multiple LDAP servers
Can Qlik Sense have more than one LDAP server?
Where do I look? I cannot find any traces of UserB in any logfiles.
