Have an issue where Users information within site admin is being changed by the active Directory information without any user or admin intervention in ALM 12.20?
| ♥ 0 |
We have an issue where the users information is being changed within the site admin Users section during a log in. We are using LDAP and out Active Directory is importing the information when the user logs in and then they can’t log in and are being denied authorization due to incorrect credentials. When we check this in Site Admin the information for the user has been changed without the user doing so or the site admin doing so. Has anyone ever heard of this before. Thanks,
Marked as spam
|
Posted by |
Private answer
Hi HomerJ, Most of these issues have root causes related to having several users with the same(similar) information throughout the Active Directory, the LDAP_SEARCH_USER_CRITERIA parameter will look for all mapped fields and if it finds an user with (i.e.) different username but similar email, ALM could import this and change its username to match with the one using its email address or with multiple CNs. The CNs are all in the scope defined for ALMs LDAP usage and thus the ALM user can be bound to either of them randomly. So I would suggestion you narrow down the CNs defined to avoid the unexpected issue. I suggest you check if the AD some users have more than one non-unique definitions assigned to their account and check if the issue is happening only when users type a wrong/empty password? If this is the case, this is a known issue that will be fixed un a future patch/release and If so you could request a partial hotfix through your service provider and they can obtain this from HP. (for reference the QCCRID is 1J79866) If this is not the case, I suggest you open a case with your service provider and provide them all the logs from when the issue is occurring so they may better assist you. Hope this helps, Marked as spam
 Posted by Dan (Questions: 0, Answers: 770) Answered on December 2, 2015 1:55 pm
|