Unable to update LDAP Configuration in TSAdmin

Overview

TSAdmin might sometimes be unable to save the LDAP configuration to its configuration file, com.northplains.authenticationbroker.xml. This might lead to login not working for any of the users for whom LDAP is configured.

 

Solution

Diagnosis

TeleScope uses authentication brokers to support third-party authentication technologies, one of them being LDAP. LDAP can be configured/updated in the TSAdmin interface, by logging in as the System Administrator and clicking on Authentication Broker on the left side menu as pictured below.

ab.png

Clicking on the connection name(TeleScope Connection Name in the above picture) brings up a dialog where you can configure the LDAP connection parameters as shown below.

configureldap.png

The values saved here are written to the com.northplains.authenticationbroker.xml file in the top level of the TeleScope installation directory.

It may happen that the changes are lost after the System Administrator logs out and back in and as a result the system never recognizes the updated configuration. You can further validate so by checking the XML file contents to establish that the file never got updated with the new values shared within the TSAdmin interface.

Steps to Fix

The com.northplains.authenticationbroker.xml is an XML file, and can be opened in a text editor and edited to populate it with the updated values and the system will then pick those up. You can use your favorite text editor or you can use Notepad++ which comes with syntax checking through plugins helping you avoid any syntactical mistakes.

Remember that in XML, values of variables reside between the opening and closing tags, eg. in <row>word</row> word is the value in the row tag. This page describes XML structure in some more detail.

Once you have the editor and XML basics in place, the steps to follow are :

  1. Locate the com.northplains.authenticationbroker.xml file in the top level of the TeleScope installation directory. Create a copy of this file and save it elsewhere before editing the original file. We may need this saved copy if we need to revert our changes.
  2. Open the original file in a text editor and find the row tag that contains the connection name that is being used as the active LDAP connection. It is mentioned under TeleScope Connection Name in the Authentication Brokers section in TSAdmin. Use the find in file feature to locate the exact tag.
  3. Inside this row tag, locate the tags with the following names and correct their values if they contain typos or other mistakes: ldap_server_name, ldap_server_address, ldap_user, ldap_password. Use the find in file feature to locate the exact tags. Note that the password will be a hash string so its advisable to copy the hash for a known password than to edit it.
  4. Update any other values you feel are incorrect in this row tag.
  5. Once the values are updated, save the file.
  6. Restart Authentication Broker.

 

Testing

Test the login once with an existing user for which LDAP was configured. The user should be able to login.

Comments

0 comments

Please sign in to leave a comment.