Need to understand AD and LDAP authentication over My device portal

Gagandeep Singh
Cisco Employee

Hi Team,

I have a customer running 2 separate domains for AD and LDAP. No trust between them. Customer is in transition phase from LDAP to AD.

AD : ad.domain.com

LDAP : ldap.domain.com

The LDAP user used to register devices on My device portal, when used as AD (put AD on top in identity store sequence) for portal access wouldn't show up the MAC addresses. The user’s devices are still in the endpoint database, and they are marked as Registered.

Issue persists the same way for AD created devices in My device portal.

I believe this is expected behavior but need a second opinion on the issue. AD and LDAP have different sets of attributes to look up a request, which could be the reason AD user created devices in the portal wouldn't show up when the same user comes as LDAP and vice versa.

Customer would like to see if there is some way to restore the user’s registered devices to their MyDevices portal without having to re-enter all of them.

Any help would be appreciated.

Regards

Gagan

1 Accepted Solution

Accepted Solutions

Jason Kunst
Cisco Employee

You’re correct, likely in the backend the users are treated as different because they come from different stores.

I would suggest a TAC case to see if something can be done with the database.

Thanks for the reply.

I already have TAC case running. Let me know what specific information needs to be checked.

Your guidance will be appreciated. I was unable to see LDAP user information. Checked psc.log, prrt log files.

AD agent was showing only AD user.

Please continue through the TAC then for support; they are designated to troubleshooting.