Active Directory with Global Monitor

Clovertech Forums Read Only Archives Global Monitor Global Monitor Active Directory with Global Monitor

  • Creator
    Topic
  • #53883
    Lee Anne Caruso
    Participant

      Has anyone setup an user’s login and password within Global Monitor that is insync with active directory?

      Thank you,

    Viewing 16 reply threads
    • Author
      Replies
      • #79362
        Kevin Scantlan
        Participant

          We are trying, but having difficulties.  I am working with support who has forwarded the problem to development.

          Did you ever get you problems resolved?

        • #79363

          LDAP support for GM is coming soon!

          -- Max Drown (Infor)

        • #79364
          Kevin Scantlan
          Participant

            Is already here with 6.04…. but it’s not working, at least under certain conditions.  And we have those conditions.  The fix is supposed to be in the next AR.  We’re talking with support about a work around.

          • #79365
            Rehman Masood
            Participant

              I got it working at 2 different places with no major issues. What issues r u guys having?

            • #79366
              Kevin Scantlan
              Participant

                Had problems with finding the userid when the LDAP info was contained in more section.  They put a fix in, but my userid is still not working.

              • #79367
                Rehman Masood
                Participant

                  I am not familiar for the more section. For me, it was adding the following elements at both places,

                  – Host Name

                  – Port

                  – Encryption Method = SSL Encryption

                  – Authentication Method = Simple Authentication

                  – Default Domain Name

                  Here is the output I get when I do the test.

                  Opening LDAP server connection…

                  LDAP Host:

                  LDAP Port:

                  LDAP server connection is opened successfully

                  LDAP server authentication…

                  Start bind request for domainuser …

                  Bind request for domainuser succeeded

                  Querying LDAP server…

                  Search Base: DC=domain

                  Search Filter: (&(|(sAMAccountName=user)(sAMAccountName=user@domain))(objectClass=organizationalPerson)(objectClass=person)(objectClass=top)(objectClass=user))

                  Search Attributes: dn,distinguishedName,cn,sAMAccountName,description,memberOf


                  Begin of Query Result



                   End of Query Result  


                  Query LDAP failed

                  Closing LDAP server connection…

                  Closed LDAP server connection successfully

                • #79368
                  Kevin Scantlan
                  Participant

                    I may have worded it incorrectly.   Partiions maybe would be a better choice.  Cloverleaf would search the first partition on the LDAP server and if it could not find the userid would give up and not got go to other partitions for the continuation of the list of userids.

                  • #79369

                    I believe this has been fixed in the upcoming release of GM.

                    -- Max Drown (Infor)

                  • #79370
                    Kevin Scantlan
                    Participant

                      That fix is already on our server, but still unable to sign in with my AD account.  We set up an AD account for the developers and their’s is working.

                    • #79371
                      Andrea Mancini
                      Participant

                        Rehman,

                        We are getting the same output at our organization, but it’s not allowing us to log in to the IDE using our AD credentials. Notice in your output it says: Query LDAP failed. Does that mean anything?  Is there documentation on setting this up?

                        Opening LDAP server connection…

                        LDAP Host:

                        LDAP Port:

                        LDAP server connection is opened successfully

                        LDAP server authentication…

                        Start bind request for domainuser …

                        Bind request for domainuser succeeded

                        Querying LDAP server…

                        Search Base: DC=domain

                        Search Filter: (&(|(sAMAccountName=user)(sAMAccountName=user@domain))(objectClass=organizationalPerson)(objectClass=person)(objectClass=top)(objectClass=user))

                        Search Attributes: dn,distinguishedName,cn,sAMAccountName,description,memberOf


                        Begin of Query Result



                         End of Query Result  


                        Query LDAP failed

                        Closing LDAP server connection…

                        Closed LDAP server connection successfully

                      • #79372
                        Rehman Masood
                        Participant

                          Andrea Mancini wrote:

                          Rehman,

                          We are getting the same output at our organization, but it’s not allowing us to log in to the IDE using our AD credentials. Notice in your output it says: Query LDAP failed. Does that mean anything?

                        • #79373
                          Nick Schneider
                          Participant

                            Do you need to have advanced security for LDAP to work?

                          • #79374
                            Kevin Scantlan
                            Participant

                              No, you do not need advanced security.

                            • #79375
                              Peter Heggie
                              Participant

                                requesting more info – LDAP for Cloverleaf IDE

                                Can someone add a little more information on the topic of using Active Directory for logging into the Cloverleaf IDE:

                                – is Advanced Security required?

                                – what version of Cloverleaf is required?

                                thanks,

                                Peter

                                Peter Heggie

                              • #79376
                                Nick Schneider
                                Participant

                                  Kevin Scantlan wrote:

                                  No, you do not need advanced security.

                                  Thanks for the response

                                • #79377
                                  bill bearden
                                  Participant

                                    We have AD security working with Global Monitor 6.1. We haven’t rolled it out to the users (IS helpdesk) yet. We are still testing/documenting the GM 6.1 functionality.

                                    We didn’t try GM 6.0.4 so I can’t comment on that. We are running it on Windows Server 2008 R2. We are still on Cloverleaf 6.0. We don’t have the Security Server.

                                    There is a Server Administrator program that comes with GM 6.1. I don’t remember there being a Server Administrator program with previous versions of GM. All the Server Administrator program appears to do is config the LDAP information. We filled in the fields for LDAP server and Default Domain. I left the port number blank and took the defaults for the Encryption and Auth (SSL and Simple, respectively). I clicked test. I entered credentials in the form domainusername and then my AD password. Others have included the output of this action. The difference was that, for me, I received a list of a bunch of AD Groups that I am a member of. (Note, if you don’t receive this list, it isn’t working.)

                                    In the lower part of the of the Server Administrator window, I clicked the Import button. After it brought up all the AD Groups (7000+), I selected one. Back on the Server Administrator window, I left the Create user certificate checkbox checked. I clicked Save and entered the CA cert password.

                                    I was able to log in to GM with my AD username and password. I was stuck for quite a while because I thought I needed to enter my username in the form domainusername or username@domain. Use just the username.

                                    Logging in created a user in GM. The user still needs to be configured so I had to log out, log in with the admin user to configure the user. Logging in with my username also created a couple of cert files in WEB-INFconfigservercertsissued directory.

                                    So far, I haven’t been able to get the Migration Tool to work. I am very curious whether the old user list and the old views get migrated. I wonder if our old user names would just work with AD after they were migrated. (That would be cool.)

                                    One last thing… There is a known issue getting GM 6.1 to work with IE. It is listed in the known issues in the Release Notes. After we made the config change and tried it with IE9, it seemed to work.

                                  • #79378
                                    glen goldsmith
                                    Participant

                                      We totally integrated cloverleaf 6.1 w/ AD.

                                      It does not require advanced security.

                                      Its nice, no more certificate mess anymore.

                                      Works *very* well w/ the Cloverleaf IDE on citrix.

                                      I’m curious what modifications were made to allow Internet Explorer to work with Global Monitor.

                                  Viewing 16 reply threads
                                  • The forum ‘Global Monitor’ is closed to new topics and replies.