I have a set of users who exist in an subcontainer within our LDAP, and who cannot sign into RequestCenter because of this. I'm just wondering if anyone else has ever come across this issue, and how you might have gotten around it.
Most of our users are in the main ACTIVE.USERS container, then there are some in a subcontainer, let's call it SUB1.ACTIVE.USERS.
On the login event, for the external authentication step, we have our EUABindDN set to: cn=#LoginID#,ou=ACTIVE,ou=USERS............
This works for all users in the main container, but not for users in the subcontainer. If I then modify the EUABindDN to read: cn=#LoginID#,ou=SUB1,ou=ACTIVE,ou=USERS.......I can then sign in as a user in the subcontainer, but not as a user in the main container. I just can't configure it to handle both. I also can't strip back the BindDN to just give it cn=#LoginID#, it won't work and complains when I try.
Any thoughts/comments welcome! (We are RC2008.3 SP3)
We had the same issue, all user accounts where supposed to be in container but this was not the case. We got round it by searching from the top level of the ldap, it would basically then traverse the entire ldap when authenticating the users.
With this solution however it will degrade performance as it has to search through the entire ldap structure. We found this to be acceptable and we have around 10,000 user accounts to search through.
We have a pretty varied OU structure across multiple sub-domains and so we had to get a custom SSO event built by professional services. In our Directories config however, we set our bind dn to be the highest level in the parent domain. Essentially DC=domain,DC=org
Dave - you can setup two datasources, yes, each with a different user baseDN, but then when you try to configure the login event, using external authentication, there can only be one EUABindDN, and this appears to be my problem - I can't put a value in here that will be suitable for the main and the subcontainer at the same time.
Craig - I've tried changing the user baseDN and also the EUABindDN on the login event, but I'm not having any luck in getting this working, unfortunately
This document explains the logic to develop Tidal Enterprise
Orchestrator workflow to automate the process of creating vCenter
Resource Pool* vSphere Power CLI must be installed either on the TEO
server or vCenter* vMA can also be used to achieve the same...
IntorductionCisco Process Orcehstrator (CPO) ships with the webservices
adapter that can be used to make Web Service API call to REST or SOAP
based applications. Before a sample workflow to make SOAP API calls
using CPO, lets understand some of the fundam...