Qlik Community

Qlik Sense Deployment & Management

Discussion board where members learn more about Qlik Sense Installation, Deployment and Management.

Announcements
BI & Data Trends 2021. Discover the top 10 trends emerging in today. Join us on Dec. 8th REGISTER
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Partner
Partner

LDAP problem with qlik sense server

Hello ,

I have a problem with my connector of LDAP cannot retrieve users 

even if the sync work and the task is succesfull 

in the log I see :

Children not reachable  for ldap  and database done with 0 users and 0 groups even if with ldap admin when I write the same path I have my users 

my path is LDAP ://myIP/dc=X,dc,Z,dc,Y

I tried also with 

LDAP ://myIP/ou=users,dc=X,dc,Z,dc,Y

and with additionnal filters like 

(&(objectCategory=person)(objectClass=user)
(cn=*)) 

 

but it doesn't work  my version of qlik sense is june 2019 sr3 and my OS is windows server 2012 

 

thank you for your help 

 

 

Labels (3)
10 Replies
Highlighted

IT might be that your syntax is incorrect. HAve you tried other tool like LDAP browser ?

https://www.ldapadministrator.com/download.htm

I would first verify if the syntax is correct if not, here more info about LDAP filtering:


https://docs.microsoft.com/en-us/windows/win32/adsi/search-filter-syntax?redirectedfrom=MSDN

 

BR

 

Gio

Giuseppe Novello
Principal Technical Support Engineer @ Qlik
Highlighted
Partner
Partner

Thank you for your reply my syntax is correct because on ldapadmin I see my users with the same syntax.

Highlighted

Just to confirm, is this the test you perform:

https://support.qlik.com/articles/000042337

 

 

Giuseppe Novello
Principal Technical Support Engineer @ Qlik
Highlighted
Partner
Partner

Hello, 

yes  i did the whole test .

Highlighted
Partner
Partner

Goodmorning @Pato1984 ,

I had a similar issue in the past, when using LDAPAdmin i was able to retrieve users but from QS I was not.
To solve it I had to point to a specific Domain Controller (es DC1, DC2, ...) and to the port 3268, which is the Global Catalog.

I hope this helps,
Riccardo

Highlighted
Partner
Partner

thank you for you reply Riccardo but when I write my path with your port it doesn't work
I write LDAP:\\MYIP:3268/dc=x,dc,y,dc=local
Highlighted
Partner
Partner

Just to be completely sure, could you try those checks?

  1. still from LDAPAdmin, could you check if it keeps working with the new port? If not, it could be that some port is blocked. I don't think that the Global Catalog could be 'turned off' at all
  2. if it is working from LDAPAdmin, check that you didn't write LDAP:\\ but LDAP://! The remaining part of the path seems correct (I usually go by name more than IP, but the result should be equivalent)
  3. could you create a new 'Generic LDAP' UDC? There is a kb article that describes how to create this kind of connection: https://qliksupport.force.com/articles/000012415

Riccardo

Highlighted
Partner
Partner

Hello Riccardo,

I add the port 3268 in the ldapadmin but it' doesn't work  and I did all the others steps but still the same problem .

Highlighted
Partner
Partner

Hi Pato,

unluckily I do not have any other guesses at this time. I suggest to double check if there is a firewall blocking the port or some other policy.

Riccardo