04-09-2012 07:25 AM
Hello,
I need to integrate a Cisco Portal 9.3.1 with an Active Directory in order to demonstrate the capabilities of the portal in a classic "AD based" environment.
I have been browsing the documentation for two weeks but did not really found answers to my questions.
The PDF documentation is quite minimalist, and seems to imply the knowledge of the former versions of Newscale.
So here are my questions:
What would be great is a best practices sheet on how to integrate the Portal to AD.
Thanks by advance.
David
Solved! Go to Solution.
04-11-2012 07:06 AM
It should still work if you're using the AD UPN for the EUABindDN. I have this working my lab but with the "Person Lookup" events, and not Login events. I'll have to test with the Login events.
Make sure that the users that you're trying to import all have data for the fields that you are mapping. If there is a field that is NULL in AD but which is mapped in your Request Center Mappings then the import will fail. You can test this by going into the mappings configuration and the AD login name (sAMAccountName) and then testing the lookup to see that all of the mapped fields are populated with data. That lookup will use your UPN format (#LoginId#@domain.com) to query AD and pull the info so it should be a valid test of that Import User event.
04-10-2012 01:40 AM
Hi,
I have figured out the following statement:
- the overall mechanism to authenticate on AD works fine, as long as there is no space in the AD Distinguished Names.
Has somebody a hint to get around this issue? Most of the ADs I have to work with have been filled in a standard way, and so all the DNs are like "CN=john doe,OU=department,DC=domain,DC=local" .
Any Suggestion is welcomed.
04-10-2012 02:29 AM
Hi,
I have tried to use as the EUABindDN variable something like:
Having set this, the external authentication works, but only for the users who have been imported.
New users are not imported
THX
04-10-2012 12:55 PM
David, do you have the Login event enabled under Administration/Directories/Events? It should be if External Authentication is working. You'll have to add another task in its configuration -- "Import User" below External Authentication, so that a new user is imported after authenticating. You can do the same for Order on Behalf, Person Lookup for Service Form, etc. if you want. Hope this helps.
04-11-2012 01:59 AM
Hello Fabio,
Thank you for your mail.
I have followed each point on the integration pdf document.
I have set a logon event with
It is the import event that fails. The logs talk about a "getperson" LDAP command that fails. (it fails only when the user is new, not when he already exists in the database portal).
When I use a classic ldap DN as EAUBindDN it works (logon and import) but as my AD CNs contain spaces, it cannot be used with #LoginId#.
So to summarize, it seems that the #LoginId#@domain.com as EUABindDN prevents the portal to create users.
Tank you for your patience, if you read me!
Best regards,
David
04-11-2012 07:06 AM
It should still work if you're using the AD UPN for the EUABindDN. I have this working my lab but with the "Person Lookup" events, and not Login events. I'll have to test with the Login events.
Make sure that the users that you're trying to import all have data for the fields that you are mapping. If there is a field that is NULL in AD but which is mapped in your Request Center Mappings then the import will fail. You can test this by going into the mappings configuration and the AD login name (sAMAccountName) and then testing the lookup to see that all of the mapped fields are populated with data. That lookup will use your UPN format (#LoginId#@domain.com) to query AD and pull the info so it should be a valid test of that Import User event.
04-12-2012 06:08 AM
Hello Fabio
Thank you for your mail.
Your comments helped me very much to find the solution even if it was not directly the solution.
I hadn't checked the Refresh Person Profile in my import step, so the portal could not create the people the first time.
Now it works on the AD UPN.
Thank you again.
David
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide