Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
I am trying to use the LDAP connector for user authentication and get the following error:
The User Directory Connector (UDC) is not configured, becayse the following error occurred. Setting up connection to LDAP root node failed. Check log file.
I am suspecting that it is related to certificates but am not sure.
Can you advise on the things that I should check?
I have connected to the LDAP server using the same credentials from the QlikSense server using ADExplorer from Microsoft SysInternals and that works OK.
Hi @andrew_thomson,
When you tried to connect with the same setting, same user and with LDAP Admin, it's needed to be done from the Central node.
And in your case you seem to have a multi node with a failover node.
As one of your node took the leadership, the former central node is not anymore the central node.
So what is important to know here, is that the UDC connections are done from Central node.
Therefore the above test needs to be done from the new central node.
And in your case it's failing, so you would need to review the environment with your network/security team.
Regards,
Benoit
Hi @steste-b73 ,
first of all, I'd need to clarify that the UDC is not used for "authentication", but rather to import users and authorize them.
As for the issue, I'd suggest checking the *UserManagement_Repository* logs under C:\ProgramData\Qlik\Sense\Log\Repository\Trace to check for error messages that would point you in the right direction.
Cheers!
Hello, I am facing the exact same issue. Did you ever find a resolution to the problem?
One of our UDC's just stopped working one day, we have another syncing no problem daily.
Thanks
Hello @andrew_thomson,
For this issue you might want to check the UDC logs.
Check the UserManagement_Repository log at this location: %ProgramData%\Qlik\Sense\Log\Repository.
You also could check below article:
Regards,
Benoit
Thank you for the reply, I have seen this post and tried the suggested steps, but alas this has not resolved the problem. I have scoured a lot of the forum posts but none of the suggested avenues seem to be working for me.
I have a support ticket open with Qlik, but just tried the forums to see if OP could provide any details of a fix if found.
Hello @andrew_thomson,
What you could try it to connect with the same setting, same user and with LDAP Admin and check if it's working:
Regards,
Benoit
Thanks again for the reply, I have already tried and confirmed the connection and credential details are correct using an LDAP admin tool. This issue resides in our QA/Dev environment, the same UDC's are present in our production environment and all the config and credentials are the same across both environments. This leads me to suspect that there is some config issue specific to the service, perhaps in the PostGreSQL DB or in some settings file on that server.
Logs have been added to the support ticket, so hopeful it can progress there.
Hi @andrew_thomson,
When you tried to connect with the same setting, same user and with LDAP Admin, it's needed to be done from the Central node.
And in your case you seem to have a multi node with a failover node.
As one of your node took the leadership, the former central node is not anymore the central node.
So what is important to know here, is that the UDC connections are done from Central node.
Therefore the above test needs to be done from the new central node.
And in your case it's failing, so you would need to review the environment with your network/security team.
Regards,
Benoit
Thanks Benoit, you are 100% correct.
Just finished a call with Qlik support and we came to this same conclusion as well.
Our secondary node was indeed set as the Central Node, as a failover candidate.
Having checked with our infrastructure there was a DSN/trust issue on that second server where the DNS settings needed to be updated to the latest trusted DNS IP. This was updated and the UDC has now lost that error, success!
Thanks for taking the time to respond, very much appreciated. Hopefully this exchange could help some other poor soul with similar circumstances.