LDAP string updating automatically

Question ID: 106932

Our ALM is configured to use LDAP. We have been seeing issues recently where a user’s authentication string is getting changed in the site admin when they fail to log in. Does anyone know what may be causing this issue and is there a way to stop it

Marked as spam
Posted by (Questions: 122, Answers: 3)
Asked on July 1, 2016 1:49 pm
Answers (1)
Private answer

This sounds like it is related to the LDAP_SEARCH_USER_CRITERIA site parameter.

When users attempt to log in to ALM, they are authenticated against LDAP using the distinguished
names (DN) that are stored in the Domain Authentication property in the ALM database. Using this site parameter, you can enhance the search so that when the DN information is invalid, ALM also searches on the LDAP server, using the LDAP import settings defined in Site Administration. If the user is found,the DN is updated in ALM, and an automatic login attempt is performed.

If you do not wish to have the Domain Authentication property updated, remove the LDAP_SEARCH_USER_CRITERIA site parameter.

Marked as spam
Posted by (Questions: 3, Answers: 168)
Answered on July 1, 2016 1:50 pm