LDAP and SM integration using scldapconfig
Trusted Contributor
SanjeevDas
Posts: 383
Registered: ‎06-17-2013
Message 1 of 6 (266 Views)


Hi experts,

 

I am trying to integrate LDAP with HPSM. And I have no clue if the integration is working or not.

 

The Contacts table in HPSM has been populated by the users from LDAP using Connect IT.

However, the issue occurs while importing the users from LDAP to the operator table.

 

LDAPMapping:

LDAP Server: <IP Address>

LDAP Port: 389

LDAP Base Directory: CN=domain,CN=com

 

Set File/Field Level Mapping

Name:operator

LDAP Server: <IP Address>

LDAP Port: 389

LDAP Base Directory: CN=domain,CN=com

LDAP is Primary data source

 

SM fields       LDAP Attribute
contact.name    sAMAccountName
email           email
full.name       cn
name            sAmAccountName

 

sm.ini

#ldapserver:<ipaddress>:389
ldapdisbale:0
ldapstats:1
ldapauthenticateonly:1
ldapnostrictlogin:1
ldapbinddn:RSDNS\facilityhelpdesk
ldapbindpass:Fh123456
sessiontimeout:120
RTM:3
debugdbquery:999

 

Restarted the Service.

 

Checked the log; it shows an error:

Message from LDAP server: Operations error, error code = 1

What does that mean?

Now the result is I am not able to import any users into the SM's operator table.

 

Any clue!

 

Sanjeev

Regular Advisor
Vikky
Posts: 182
Registered: ‎12-12-2010
Message 2 of 6 (254 Views)

Re: LDAP and SM integration using scldapconfig

Hi,

 

Please check below:

Set File/Field Level Mapping:

LDAP Additional Query : (&(objectclass=user)(objectcategory=person))

uncheck LDAP is primary data source

only set field for Name : sAmAccountName for operator table

 

thanks

vikky

Honored Contributor
DimitarPeychev
Posts: 292
Registered: ‎11-01-2011
Message 3 of 6 (248 Views)

Re: LDAP and SM integration using scldapconfig

Hi,

 

The message means that some users get locked.

Please try the following: map the operator name to sAMAccountName in the scldapconfig file and set the LDAP parameters (ldapbinddn and ldapbindpass).

It should be working fine seems to be working fine.

HP Support
If you find that this or any post resolved your issue, please be sure
to mark it as an accepted solution.
Please also give kudo if you find it interesting :)
Trusted Contributor
SanjeevDas
Posts: 383
Registered: ‎06-17-2013
Message 4 of 6 (235 Views)

Re: LDAP and SM integration using scldapconfig

Hi,

 

I have defined ldapbinddn as "<ADDomain>\<ADUser>"

and ldapbindpass as "<ADUserPassword>"

 

The account with which I am trying to login to SM is not a locked account in AD. The account is the same account which I have defined in ldapbinddn parameter.

 

Still couldn't make it work.

 

Thanks,

Sanjeev

Frequent Advisor
JosieJosie02
Posts: 54
Registered: ‎01-05-2012
Message 5 of 6 (224 Views)

Re: LDAP and SM integration using scldapconfig

I believe the Operations error, error code = 1 means you are not authenticating to LDAP, or maybe your search DN clause is not pointing to LDAP correctly.

HP Expert
lisajo
Posts: 480
Registered: ‎02-15-2010
Message 6 of 6 (196 Views)

Re: LDAP and SM integration using scldapconfig

Hi

I found another case with the error message -1 and it was resolved with

The RUN directory for some reason was read only.
After changing it to read/write, now it is working fine.

Another case with the error message was resolved with

Somehow the sm.ini file became corrupted, thus preventing the ldapbinddn (and other ldap parameters) from being invoked. Once these parameters were re-added to the sm.ini file the authentication completed.

and

Configuration changes

 

1- Remove double quotes ( " ) from the ldapbinddn parameter.

2- Remove ldap mapping setup for the operator table and make it as simple as possible. Just mapping name to sAMAccountName

 

last one is ...

enable ldapauthenticateonly parameter

Hope one of these helps

Thank you

Lisa

"HP Support
If you find that this post or any post resolves your issue, please make sure to mark it as an accepted solution."
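
The sm.ini checks suggested in this thread (bind parameters present, no double quotes in ldapbinddn, ldapauthenticateonly enabled), written as an added example that is not part of any post and not HP's own code. It also flags commented-out and misspelled ldap lines; the parameter list, the assumption that ldapdisable is the intended spelling of ldapdisbale, and the sample file are constructed for illustration.

```python
import difflib

# Parameter names as they appear in this thread; "ldapdisable" is an assumption:
# the intended spelling of the "ldapdisbale" line in the posted file.
KNOWN = ["ldapserver", "ldapdisable", "ldapstats", "ldapauthenticateonly",
         "ldapnostrictlogin", "ldapbinddn", "ldapbindpass"]
REQUIRED = ["ldapbinddn", "ldapbindpass"]  # the two named in messages 3 and 6

def lint_sm_ini(text):
    """Return (line_no, message) findings for ldap* lines; line_no 0 = whole file."""
    findings, active = [], {}
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        commented = line.startswith("#")
        key, sep, value = line.lstrip("#").strip().partition(":")
        key = key.strip().lower()
        if not sep or not key.startswith("ldap"):
            continue  # blank line, or not an ldap parameter
        if commented:
            findings.append((no, f"{key} is commented out and will not be read"))
            continue
        if key not in KNOWN:
            near = difflib.get_close_matches(key, KNOWN, n=1, cutoff=0.8)
            hint = f", did you mean {near[0]}?" if near else ""
            findings.append((no, f"unrecognised parameter {key}{hint}"))
            continue
        active[key] = value.strip()
        if key == "ldapbinddn" and '"' in value:
            findings.append((no, "remove double quotes from ldapbinddn"))
    for key in REQUIRED:
        if key not in active:
            findings.append((0, f"{key} is missing"))
    if active.get("ldapauthenticateonly") != "1":
        findings.append((0, "ldapauthenticateonly is not enabled"))
    return findings

# Constructed sample modelled on the file in message 1 (placeholder values only).
SAMPLE = """\
#ldapserver:<ipaddress>:389
ldapdisbale:0
ldapauthenticateonly:1
ldapbinddn:"EXAMPLE\\svc_sm"
ldapbindpass:<placeholder>
sessiontimeout:120
"""

if __name__ == "__main__":
    for no, msg in lint_sm_ini(SAMPLE):
        print(f"line {no or '-'}: {msg}")
```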
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation