4 Replies Latest reply on Feb 29, 2012 12:33 AM by kyt977

    LDAP Authentication FAILURE




      Presently i am working on the LDAP Integration with Service Portal. I followed steps in the manual and i am unable to log on to the service portal using domain logon credentials.


      i changed server object to point to my LDAP server.


      Here i hav one doubt what name can i keep in CN..


      1) i modified file as shown below.



      esmenduser is the directory where i kept all my users ................What authentication type i can use for AD ..i used LDAP even tried with NONE also



      <?xml version="1.0" encoding="utf-8"?>
      <DirectoryServiceAuthentifictionConfiguration xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
        <!-- Server object to try to read (typically a branch on the tree) -->
        <!-- Debugging - throw error messages for any errors encountered-->
        <!-- This is only valid for Active directory.  For eDirectory, use None-->



      2) i added the authentication key in all my tps.config file  as shown below



      <add key="AuthenticationProvider" value="Touchpaper.Integrations.LDAPLogon.DirectoryServiceAuthenticationProvider" />


      3) i modified line to            <add key="LogonPolicy" value="All" />


      4) Add in console for the users i imported from esmenduser folder i added network login to             mh\loginid    

      5) I restarted the IIS and i tried to log on to Service portal using domain credential and  i am getting error saying login failed



      Can anybody suggest me what went wrong.....?

      Plz respond to it as early as possible as i need resolve immediately

      Thanks in advance...




        • 1. Re: LDAP Authentication FAILURE

          Hello Kiran!


          Did you get any help?


          We are stuck with the same problem!



          • 2. Re: LDAP Authentication FAILURE
            dmshimself ITSMMVPGroup

            The login policy needs to be explicit, not all (the manual I think is wrong there).  LDAP takes over the explicit usage.  If you login with SA, the LDAP TPS authentication still looks you up as if you were explicit, not via LDAP, so you need a 'proper' account to test with.  The username you enter is the LANDesk explicit login and the password is the LDAP password that corresponds to the network connection entry.  The network connection values are the LDAP distinguished name and in my experience need to be the first entries in the list of authentication strings.  Any AD ones need to come after this.  Values would be something like ...

            cn=touchpaper, ou=sysusers,ou=general,ou=misc,dc=ad,dc=company,dc=com

            • 3. Re: LDAP Authentication FAILURE

              Hello Dave


              Göran and I work on the same problem.

              I have set up explicit login, but still get the same error message. I think I have a problem with the network login string or the ldap directory authentication string.

              I'm not sure on what will be on both places.


              Can you take a quick peek at  http://community.landesk.com/support/message/67569#67569

              and just see if the network login string or the directory string is completely messed up.

              I would really appretiate it.


              Best regards


              • 4. Re: LDAP Authentication FAILURE

                I think this issue was similar to the other issue detailed here - http://community.landesk.com/support/message/74988.


                I resolved my issue by setting the <AuthenticationType> to 'Secure' in the DirectoryServiceAuthentificationConfiguration.xml file and copying some missing DLLs from the Framework folder to the WebAccess folder.