Writting User Attributes Back to MSAD

By: Greg Smith user 23 Mar 2020 at 10:17 p.m. CDT

2 Responses
Greg Smith gravatar
All, Environment: Gluu Server Community Addition CentOS 7 Virtual machine 12 GB Ram 100 GB Storage 4 CPU Gluu server is not writing user attributes back to MSAD. This is the first time using Gluu server. I followed Cache Refresh/Manage Authentication configurations from here. https://support.gluu.org/single-sign-on/2953/configuring-gluu-with-active-directory/ I was able to import all my users from MSAD to Gluu server and tested each one for authentication by logging into Gluu Web UI with each user that was imported, No problems. When I create a user in Web UI it does not create that user in my Active Directory, I’m also unable to change the password from any user/s that was imported. I went through the “View Log Files” for errors, unfortunately I did not find none. Any Help or suggestion would be appreciated, Thanks in advance.
CentOS 7.0
closed

Answers

By Mohib Zico Account Admin 24 Mar 2020 at 3:36 a.m. CDT

Copy
Mohib Zico gravatar
Hi Greg, Cache Refresh is a 'pull' method; that means you can 'pull' user's information from backend Active Directory or LDAP. Gluu Server don't have 'root' write access to AD. Whatever change of user's information you want to make; you have to do that in backend AD, then Gluu Server will 'pull' that user's information from Active directory. Yes, there are couple of scripts which you can use to 'sync' changed password from Gluu Server to AD but we don't suggest you to use that; better use SCIM in that case. Let me know if you have any question or confusion please.

By Greg Smith user 24 Mar 2020 at 4:15 p.m. CDT

Copy
Greg Smith gravatar
@Mohib.Zico Thank you for your quick response, Thats what I thought but wasn't sure.

Post an answer