4 Replies Latest reply: Aug 6, 2017 10:13 PM by Chadwick Leung RSS

    LDAP Configuration in Active Directory..

    Silambarasan Manickam

      Hi All,

       

      I'm unable to fetch the users in my local domain.

       

      Now the LDAP is configured like below,

       

      Connection : LDAP://company.com

       

      I need to fetch all the users, but it gives me an error.

       

      can anyone please help with this.

       

      Thanks.

        • Re: LDAP Configuration in Active Directory..
          Jyothish KC

          Hi Silambarasan,

           

          Do you have a account who have access to the LDAP ?

          You need to add those information also.

           

          Best Regards,

          KC

          • Re: LDAP Configuration in Active Directory..
            Chadwick Leung

            Would you specify the error? If the connector is configured properly, both "Configured" and "Operational" should be shown as "Yes". As KC mentioned, you need to provide the credential of a domain user, username as domain\username .

             

            If the option "Sync user data for existing users" is checked (default), it will not sync no account from the AD unless the user logon once the account will automatically created on the QS server. Uncheck this option.

             

            Don't forgot to allocate token to your users otherwise they can only login to the QS server but access no resource.

             

            Hope this help

             

            Chadwick

              • Re: LDAP Configuration in Active Directory..
                Silambarasan Manickam

                Hi,

                 

                Both "Configured" and "Operational" shown as "Yes" and I have also unchecked the option "Sync user data for existing users".

                 

                But Still I'm unable to fetch the users.

                  • Re: LDAP Configuration in Active Directory..
                    Chadwick Leung

                    There should have a task named as <connect_name>_usersynctask automatically created and associated with the your Active Directory connector. If there is having a problem, the task's status shows as Failed/Error, clicking the exclamation mark icon will give some cues of the issue.


                    You might also check the following:

                    1) Check the Schedulers Type (QMC Schedulers section), see if it is "Master and Slave"? Task would be failed to execute if it fails to contact the slave scheduler.


                    2) In connector, add LDAP filter to narrow down number of users to sync first. Not sure how many number of user you AD has and whether too many users caused a timeout issue. Might need to tune the timeout parameter.

                     

                    Chadwick