Skip to main content

Deployment & Management

Discussion board where members learn more about Qlik Sense Installation, Deployment and Management.

Announcements
CUSTOMERS ONLY: Now accepting customer applications for the 2023 Luminary Program: SUBMIT NOW
cancel
Showing results for 
Search instead for 
Did you mean: 
steste-b73
Contributor
Contributor

QlikSense LDAP Connection

I am trying to use the LDAP connector for user authentication and get the following error:

The User Directory Connector (UDC) is not configured, becayse the following error occurred. Setting up connection to LDAP root node failed. Check log file. 

I am suspecting that it is related to certificates but am not sure. 

Can you advise on the things that I should check?

I have connected to the LDAP server using the same credentials from the QlikSense server using ADExplorer from Microsoft SysInternals and that works OK. 

Labels (1)
1 Solution

Accepted Solutions
Benoit_C
Support
Support

Hi @andrew_thomson,

 

When you tried to connect with the same setting, same user and with LDAP Admin, it's needed to be done from the Central node.
And in your case you seem to have a multi node with a failover node.

As one of your node took the leadership, the former central node is not anymore the central node.

So what is important to know here, is that the UDC connections are done from Central node. 

Therefore the above test needs to be done from the new central node. 

And in your case it's failing, so you would need to review the environment with your network/security team.

Regards,

Benoit

View solution in original post

8 Replies
Daniele_Purrone
Support
Support

Hi @steste-b73 ,
first of all, I'd need to clarify that the UDC is not used for "authentication", but rather to import users and authorize them.
As for the issue, I'd suggest checking the *UserManagement_Repository* logs under C:\ProgramData\Qlik\Sense\Log\Repository\Trace to check for error messages that would point you in the right direction.

 

Cheers!

Daniele - Senior Technical Support Engineer & SaaS Support Coordinator at Qlik
If a post helps to resolve your issue, please accept it as a Solution.
andrew_thomson
Contributor II
Contributor II

Hello, I am facing the exact same issue. Did you ever find a resolution to the problem?

One of our UDC's just stopped working one day, we have another syncing no problem daily.

Thanks

Benoit_C
Support
Support

Hello @andrew_thomson,

 

For this issue you might want to check the UDC logs.

Check the UserManagement_Repository log at this location:  %ProgramData%\Qlik\Sense\Log\Repository.

You also could check below article:

https://community.qlik.com/t5/Knowledge/User-Directory-Connector-Active-Directory-not-functional-aft...

 

Regards,

Benoit

andrew_thomson
Contributor II
Contributor II

Thank you for the reply, I have seen this post and tried the suggested steps, but alas this has not resolved the problem. I have scoured a lot of the forum posts but none of the suggested avenues seem to be working for me.

I have a support ticket open with Qlik, but just tried the forums to see if OP could provide any details of a fix if found.

Benoit_C
Support
Support

Hello @andrew_thomson,

 

What you could try it to connect with the same setting, same user and with LDAP Admin and check if it's working:

https://community.qlik.com/t5/Knowledge/How-to-connect-to-Active-Directory-using-the-Generic-LDAP/ta...

 

Regards,

Benoit

andrew_thomson
Contributor II
Contributor II

Thanks again for the reply, I have already tried and confirmed the connection and credential details are correct using an LDAP admin tool. This issue resides in our QA/Dev environment, the same UDC's are present in our production environment and all the config and credentials are the same across both environments. This leads me to suspect that there is some config issue specific to the service, perhaps in the PostGreSQL DB or in some settings file on that server.

Logs have been added to the support ticket, so hopeful it can progress there.

Benoit_C
Support
Support

Hi @andrew_thomson,

 

When you tried to connect with the same setting, same user and with LDAP Admin, it's needed to be done from the Central node.
And in your case you seem to have a multi node with a failover node.

As one of your node took the leadership, the former central node is not anymore the central node.

So what is important to know here, is that the UDC connections are done from Central node. 

Therefore the above test needs to be done from the new central node. 

And in your case it's failing, so you would need to review the environment with your network/security team.

Regards,

Benoit

andrew_thomson
Contributor II
Contributor II

Thanks Benoit, you are 100% correct.

Just finished a call with Qlik support and we came to this same conclusion as well.

Our secondary node was indeed set as the Central Node, as a failover candidate.

Having checked with our infrastructure there was a DSN/trust issue on that second server where the DNS settings needed to be updated to the latest trusted DNS IP. This was updated and the UDC has now lost that error, success!

Thanks for taking the time to respond, very much appreciated. Hopefully this exchange could help some other poor soul with similar circumstances.