DX Unified Infrastructure Management

  • 1.  LDAP users are not able to login to UMP console

    Posted May 18, 2018 01:01 PM

    Hi Folks,

     

    We use CA UIM 8.47 in our environment.we have LDAP integrated with AD but from yesterday all of a sudden the LDAP users are not able to login to the ump console.

     

    They get a error message as below.

     

     

    From the hub.log we are getting the below messages.

     

    hub: login [LDAP] - (logon_user) 0 user found for (&(objectClass=person)(|(userPrincipalName=xyz@domain.local)(sAMAccountName=xyz@domain.local))), do not know which to use.
    hub: login [NimBUS] - user does not exist user=xyz ip=***.***.***.*

     

    hub: Subscribe error: replacing current subscriber not permitted, denying request

     

    We have checked and found that the users are present in the LDAP  group.We tried to resync the ACL with the LDAP group but still it did not work.

     

    From the logs i can see that the userprincipalname and SAM  account both are same,Will this be a problem?

     

    I am a newbie to CA UIM ,Could anyone Please help.

     

    Many Thanks,

    vineesha.



  • 2.  Re: LDAP users are not able to login to UMP console

    Posted May 18, 2018 01:08 PM

    Vineesha,

    A good first place to check is IM console > hub > configure > settings > ldap > run the Lookup and Test to verify both pass.



  • 3.  Re: LDAP users are not able to login to UMP console

    Broadcom Employee
    Posted May 18, 2018 02:18 PM

    Hi vineesha,

    Your LDAP admin should be able to run this LDAP query using LDAP Browser or Jxplorer.

    They may spot something wrong with it.

    If it returns zero results in an LDAP query tool, then UIM will have the same problem.

    (&(objectClass=person)(|(userPrincipalName=xyz@domain.local)(sAMAccountName=xyz@domain.local)))

     

    They can modify the query and see what changes are needed for it to work.

     

     

     

     



  • 4.  Re: LDAP users are not able to login to UMP console

    Posted May 31, 2018 03:39 PM

    Thanks David and Shawn for your tips..our issue is resolved now..there were some changes made to usernames to LDAP AD group which caused this issue.