gilta03

Tech Tip: Getting errors when trying to activate active directory (AD) integration in Test Data Manager

Discussion created by gilta03 Champion on Sep 27, 2016

Knowledge document: http://www.ca.com/us/support/ca-support-online/product-content/knowledgebase-articles/tec1280148.aspx 

 

Issue: 

After setting up the Active Directory integration with Datamaker, entering the AD group name, and submitting, I received the following errors:

"Cannot safely set AD Group to (group name) as the following error occurred:

Invalid password- cannot test existence of group (name)

If you continue you may not be able to access this CA Test Data Manager-Datamaker Test Data Repository. Continue anyway?"

Environment:  

CA Test Data Manager- Datamaker 3.2

Cause:  

Active Directory (AD) enables your security teams to authenticate and authorize CA Test Data Manager (TDM) user access and privileges from a central location.

To read more about how AD authentication works with TDM-Datamaker, see our online documentation: https://docops.ca.com/ca-test-data-manager/3-5/en/administrating/security/active-directory-integration/activate-active-directory-integration 

If you are getting this error, it means that the user is not a member of the AD group. Datamaker is trying to authenticate using the logged on user and password. You will need to sign into Datamaker with the AD user, then add the AD group.

Resolution:

  1. Launch Datamaker. 
  2. Sign in and connect to the repository. 
  3. Connect to the desired target and source profiles.
  4. Click on the 'Security' tab at the top of the toolbar.
  5. Choose 'Users and Groups' from the drop down menu.
  6. Sign in with your administrator credentials. 
  7. Under the 'Users' section in the left hand column, right click on an existing user. 
  8. Choose 'Add user' from the menu.
  9. In the 'New User' window that appears, create a new user and password that are similar to the AD credentials you are wanting to use. Click the green checkmark in the bottom, right-hand corner to save. 
  10. You will get a message saying that 'User (username) Saved'. Click the 'OK' button.
  11. You will then get a message with the new users ID, email, password, and access expiration date. Click the 'OK' button.
  12. Now you will need to assign the new user admin privileges. Under the 'Users' section in the left hand column, click on the newly added user.
  13. In the 'User Groups for (username)' tab, under the 'Available' section, click the the group 'ADMIN- All Projects- ADMIN' so that it is highlighted. 
  14. In the middle of the screen, click the piece of paper with a green down arrow icon. Now the new user has administrative privileges. 
  15. Restart Datamaker. 
  16. Sign in as the new user. 
  17. Connect to the desired target and source profiles.
  18. Click on the 'Security' tab at the top of the toolbar.
  19. Choose 'Users and Groups' from the drop down menu.
  20. Sign in with your administrator credentials. 
  21. In the 'Maintain Security' window that appears, click on the 'Security Settings' tab. 
  22. In the 'AD Group' text box, specify the Active Directory name for the AD column. The AD Group of which a user must be a member of in order to access this in the CA Test Data Manager-Datamaker repository. 
  23. Click the 'Save' floppy disk icon.
  24. You should get a pop up confirming what the 'AD Group is set to'. Click the 'OK' button. 

You should no longer be getting those error messages and your AD integration is successfully set up. 

Additional Information:

If you experience any issues with AD activation or integration, please open a support case.

Outcomes