Some user login and some cannot

By: yousif nakkash user 18 Dec 2020 at 9:02 p.m. CST

7 Responses
yousif nakkash gravatar
I configured the cash refresh to connect to ldap with attributes and I was able to sync all the users from the domain controller but there is a weired senario happening. Some users can login and some cannot is there away to figure out what the problem is I tried it on centos and on debian and I am getting the same results, Please tell me which specific logs to check for erros and what to send you.
Gluu 4.2.1 CentOS 7.0
closed

Answers

By Mohib Zico staff 18 Dec 2020 at 11:06 p.m. CST

Copy
Mohib Zico gravatar
Hi, First... you need to search support portal on Cache Refresh. See if any user already found this error or not already. Community tickets are public and can be used as 'Knowledge base'. See what you get after that.

By yousif nakkash user 22 Dec 2020 at 1:56 p.m. CST

Copy
yousif nakkash gravatar
The problem was on my domain user I was missing the uid entry for each user. I added that and I was able to login but its strange because I linked sAMAccount to uid on the gluu server and still couldn't login until I added the uid for the users. is this normal or there is a different way to link sAMAccounts and login instead using uid for the DC?

By Mohib Zico staff 22 Dec 2020 at 9:19 p.m. CST

Copy
Mohib Zico gravatar
>> The problem was on my domain user I was missing the uid entry for each user. Sorry, didn't understand. MIssing UID entry where?

By yousif nakkash user 23 Dec 2020 at 2:55 p.m. CST

Copy
yousif nakkash gravatar
on my domain controllers user, I was missing uid field not set for all the users. Once I set it i was able to login with all the domain users. The question is if I want to use sAMAccount insted of uid and set in cash refresh sAMAccount=uid, this wont work is there another way around it.

By Mohib Zico staff 23 Dec 2020 at 9:38 p.m. CST

Copy
Mohib Zico gravatar
>> The question is if I want to use sAMAccount insted of uid and set in cash refresh sAMAccount=uid, this wont work is there another way around it. That should work. Actually most of the universities who has AD as datasource don't have UID but only sAMAccountName. May be you can share your full Cache Refresh config so we can take a look.

By yousif nakkash user 24 Dec 2020 at 8:58 a.m. CST

Copy
yousif nakkash gravatar
Please fine attached. If i change sAMACCOUNT word to uid it works and it syncs all the users

By Mohib Zico staff 25 Dec 2020 at 2:28 a.m. CST

Copy
Mohib Zico gravatar
No attachments...

Post an answer