Overview
TSAdmin might sometimes be unable to save the LDAP configuration to its configuration file, com.northplains.authenticationbroker.xml. This might lead to login not working for any of the users for whom LDAP is configured.
Solution
Diagnosis
TeleScope uses authentication brokers to support third-party authentication technologies, one of them being LDAP. LDAP can be configured/updated in the TSAdmin interface, by logging in as the System Administrator and clicking on Authentication Broker on the left side menu as pictured below.
Clicking on the connection name(TeleScope Connection Name in the above picture) brings up a dialog where you can configure the LDAP connection parameters as shown below.
The values saved here are written to the com.northplains.authenticationbroker.xml file in the top level of the TeleScope installation directory.
It may happen that the changes are lost after the System Administrator logs out and back in and as a result the system never recognizes the updated configuration. You can further validate so by checking the XML file contents to establish that the file never got updated with the new values shared within the TSAdmin interface.
Steps to Fix
The com.northplains.authenticationbroker.xml is an XML file, and can be opened in a text editor and edited to populate it with the updated values and the system will then pick those up. You can use your favorite text editor or you can use Notepad++ which comes with syntax checking through plugins helping you avoid any syntactical mistakes.
Once you have the editor and XML basics in place, the steps to follow are :
- Locate the com.northplains.authenticationbroker.xml file in the top level of the TeleScope installation directory. Create a copy of this file and save it elsewhere before editing the original file. We may need this saved copy if we need to revert our changes.
- Open the original file in a text editor and find the row tag that contains the connection name that is being used as the active LDAP connection. It is mentioned under TeleScope Connection Name in the Authentication Brokers section in TSAdmin. Use the find in file feature to locate the exact tag.
- Inside this row tag, locate the tags with the following names and correct their values if they contain typos or other mistakes: ldap_server_name, ldap_server_address, ldap_user, ldap_password. Use the find in file feature to locate the exact tags. Note that the password will be a hash string so its advisable to copy the hash for a known password than to edit it.
- Update any other values you feel are incorrect in this row tag.
- Once the values are updated, save the file.
- Restart Authentication Broker.
Testing
Test the login once with an existing user for which LDAP was configured. The user should be able to login.
Comments
0 comments
Please sign in to leave a comment.