3 Replies Latest reply on Apr 18, 2017 11:16 AM by tcostache
    vshanmugavelayudham Explorer

    Issue while enabling LDAP Authentication on ThingWorx

    Hi all,

     

    I followed CS221840 to enable LDAP authentication on ThingWorx 7.3. I have followed all the steps mentioned. However, I am unable to log in using users from AD. Below is the XML I am using to import Directory Services. Can someone please help me connect my ThingWorx to AD?

     

    <Entities>
        <DirectoryServices>
            <DirectoryService name="StrykerActiveDirectory" className="com.thingworx.security.directoryservices.LDAPDirectoryService" description="Apache Directory Services" >
                <ConfigurationTables>
                    <ConfigurationTable name="LDAPProxyConfiguration" isMultiRow="false">
                        <DataShape description="" name="">
                            <FieldDefinitions>
                                <FieldDefinition name="server" baseType="STRING" description="<AD Host Name>" />
                                <FieldDefinition name="port" baseType="INTEGER" description="<PORTNUMBER>" />
                                <FieldDefinition name="adminBindDN" baseType="STRING" description="CN=WindchillAdmin\, SGTC,OU=Service Accounts,OU=Asean - India Tech Center,DC=pacific,DC=strykercorp,DC=com" />
                                <FieldDefinition name="adminPassword" baseType="PASSWORD" description="<PASSWORD>" />
                                <FieldDefinition name="userIdAttribute" baseType="STRING" description="userPrincipalName" />
                                <FieldDefinition name="userBaseDN" baseType="STRING" description="CN=SGTC Thingworx Users (Dev),OU=Distribution Groups,DC=pacific,DC=strykercorp,DC=com" />
                            </FieldDefinitions>
                        </DataShape>
                        <Rows>
                            <Row>
                                <server><![CDATA[localhost]]></server>
                                <port>389</port>
                                <adminBindDN><![CDATA[uid=admin,ou=system]]></adminBindDN>
                                <adminPassword></adminPassword>
                                <userIdAttribute>sAMAccountName</userIdAttribute>
                                <userBaseDN><![CDATA[ou=people, dc=thingworx]]></userBaseDN>
                            </Row>
                        </Rows>
                    </ConfigurationTable>
                </ConfigurationTables>
            </DirectoryService>
        </DirectoryServices>
    </Entities>

     

     

    When I log in using a user not already created in ThingWorx, I get the error below.

    Error: LDAP authentication for user [varunraj.shanmugavelayudham@stryker.com] failed [reason: javax.naming.PartialResultException: [LDAP: error code 10 - 0000202B: RefErr: DSID-03100742, data 0, 1 access points

     

    When I log in using a user already created in ThingWorx, I get the error below.

    Error: LDAP authentication for user [adm_vsha@stryker.com] failed [reason: javax.naming.PartialResultException: [LDAP: error code 10 - 0000202B: RefErr: DSID-03100742, data 0, 1 access points

    Warning: Authentication attempt #2 FAILED for [user = adm_vsha@stryker.com]: Invalid Password

    Error: Authentication failed: Please make sure the credentials are correct.