Trouble with the LDAP authorization process in ALM?

Question ID: 109763
0
0

Hello,

We’ve noticed that the ALM QC  LDAP isn’t validating new passwords as users still use their (old) password to successfully login, Take note that there is a high probability that the issue may lie with with the LDAP connection itself. Is this expected? Where can we start to look to figure this issue out??

 

Thanks,

HomerJ

Marked as spam
Posted by (Questions: 314, Answers: 12)
Asked on July 31, 2020 1:52 pm
6 views
Answers (1)
1
Private answer

Hi HomerJ,.

The LDAP authentication process is more like a handshake request and based upon the response from the authorizing LDAP server as to whether the account is valid, active, and the password correct.  ALM in no way caches or saves the password, so the fact that the old password is working means that something within the LDAP configuration or the authorized user account used for LDAP authorization requests is misconfigured. I would elevate the QC and SA log files to the debug level and recreate the issue noting the time and account credentials used to recreate the issue.  Using the new password and getting a denial should record something that may help guide your LDAP admin where to start their investigation.  This is fhe best we can do and I would recommend that the LDAP admin turn on loggin on the system to see the issue as well.  These log files are the best that I can provide from an ALM side as this is definitely and LDAP specific issue that the admin needs to correct.

 

Hope this helps,

Dan

Marked as spam
Posted by (Questions: 0, Answers: 709)
Answered on July 31, 2020 1:58 pm
Summary: Appears that the LDAP isn't pulling back "new" user ids. Existing user ids are coming back when searching but authentication to ALM only works with old passwords that have not been recently changed. The log files pointed us to the direction to start the investigation as it is was yielding time out errors. We then checked and reconfigured the authorized user account for read, write, and query permission updates and the issue has been resolved. Thanks again.
( at July 31, 2020 2:02 pm)