Sparx Systems Forum
Enterprise Architect => General Board => Topic started by: Zvolensky on October 06, 2017, 01:52:31 am
-
Hello
Another issue I have, now with Keystore and AD
In my setting file for keystore i have following:
AUTHMETHOD=AM_ACTIVEDIRECTORY
AUTHMETHOD_OPTIONS=Mylovelyusers
The AD group "Mylovelyusers" exists and i'm a member.
When i start the service (i have tried system account and also my domain account where i'm admin on the server) in the log file i see this:
...
[SYSTEM]: [ACTIVEDIRECTORYGROUP_AM] SUCCESS: Initialised. Naming Context: 'LDAP://DC=XYZ,DC=ABC,DC=EFG', 1 Group(s) added.
....
when i try to connect to the keystore from my Sparx it is not working, the log file messages are:
[WARNING]: [ACTIVEDIRECTORYGROUP_AM] WARN: Authentication failed. Group 'CN=Mylovelyusers' not found.
[SYSTEM]: [ACTIVEDIRECTORYGROUP_AM] WARN: Authentication failed. User 'myuser' is not a member of any permitted groups.
[WARNING]: WARN Client from XX.YY.QQ.ZZ was denied authorisation. Reason: User 'myuser' is not a member of any permitted groups. Please contact your SSKS administrator for further details..
Any idea? What did I do wrong?
-
At a guess your group is the wrong type of group.
-
Hi
Ok, and do you know the the correct type of group please?
-
So the problem was not in the type of group but in the cfg file.
Our AD is a big one and i was not able to specify where exactly is this group in the bigger context. I was trying different approaches and gave up as the guide is not very specific (surprise surprise)
So instead AM_ACTIVEDIRECTORY i'm using AM_ACTIVEDIRECTORYEX with an adconfig file where I was able to specify the exact naming context of the group and now it is working.
So it is solved, kind of.