LDAP

Syndicate content 9 

Have enabled LDAP for our numerous , Ensemble, IRIS and cache instances with many namespaces. All is working fine and the ldap logins work.

But have noticed that the first instance that the user logs into the namespace is assigned to that user, but when that user than logs into another instance the default namespace from the first login is still there and doesn't update to the new namespace.

So this doesn't effect the ldap login but is now effecting the terminal logins where the user is now getting access denied.

Last answer 14 June 2019
0   0 3
0

comments

55

views

0

rating

Hello everyone,

 

i am in process of changing our authentication method, so we can integrate our AD authentication in our programs. At the moment i am using they %SYS.LDAP object, and trying to use the .Bind() method with the user information to authenticate. This seems to work without issues, but here the problems start.

Last answer 4 April 2019
0   0 2
0

comments

82

views

0

rating

Has anyone worked out a way to use LDAP to define the default namespace on multiple servers?  I know that documentation says that intersystems-Namespace-xxx only supports one namespace, but how is this useful?   Any workaround to say have  intersystems-Namespace-server1-namespaceA  and intersystems-Namespace-server2-namespaceB?  Is it best practice to use the same "namespace" on every server?

Thanks!

Last answer 6 November 2018
0   0 2
0

comments

80

views

0

rating

Hi all,By using LDAP cache method ##Class(%SYS.LDAP).GetValuesLen(LD,CurrentEntry,Attribute) we get the list of attributes but in "ObjectSid" attribute have the SID in binary format(objectSid^U¤:c@ãºþÕLCP]). how to convert to the readable format from the binary format in cache side.
Please help us to proceed further

Last answer 9 October 2018 Last comment 10 October 2018
0   0 2
92

views

0

rating

Hi Group, I've followed the instructions from the documentation to configure LDAP and Ensemble to authenticate, however, I'm unable to authenticate using an account in the LDAP.  The user is able to authenticate in a Linux shell.  I have added the ObjectClass of IntersystemsAccount and the 3 group definitions to the schema.  Other than adding the user to this group, do I have to change the user's objectClass at all?  

This is not on active directory - it is a Linux based LDAP solution (slapd).

Last answer 10 March 2017 Last comment 11 January 2017
0   0 2
425

views

0

rating