Default namespace not changing when logging into different instances using LDAP

Question

Question

richard samuels · Jun 14, 2019

#LDAP #Namespace #Terminal #Caché #Ensemble #InterSystems IRIS

Have enabled LDAP for our numerous , Ensemble, IRIS and cache instances with many namespaces. All is working fine and the ldap logins work.

But have noticed that the first instance that the user logs into the namespace is assigned to that user, but when that user than logs into another instance the default namespace from the first login is still there and doesn't update to the new namespace.

So this doesn't effect the ldap login but is now effecting the terminal logins where the user is now getting access denied.

Not sure why the first namespace is not being replaced by the current namespace.

first user is using the default Namespace as its his first login to any instance

But the 2nd user pmtest, has logged into a different instance previously and is not being assigned the CID namespace

Further Update

removing users from the intersytems-Namespace-NAMESPACENAME , removes the default namespace when logging in which than allows the user to login through terminal also.

But trying to work out how to assign the startup Namespace, so it reflects each different namespace on the different servers, when users login.

Discussion (1)0

Log in or sign up to continue

Katherine Reid · Jun 14, 2019

Are you trying to have the same user have different login namespaces on different systems? If so, for your InterSystems IRIS instances, have you looked at the "Authorization group ID" and "Authorization Instance ID" which are part of each LDAP configuration? You can use these to make each instance (or group of instances) look for a different group to define the namespace.

0 0