Troubleshooting Directory Services
You can troubleshoot issues with Directory Services by answering a series of questions.
- Who is responsible for integrating CSM with Directory Services?
Users should consult an LDAP administrator, IT staff member, or the Cherwell Professional Consulting Services team for assistance with LDAP.
- Why are Users not able to login using LDAP authentication?
If Users are not able to login using LDAP authentication, try these tips:
- Ensure the Domain value in LDAP General settings matches the domain specified by Users in the login dialog. This is how CSM matches User accounts with the correct LDAP settings.
- Ensure the selected directory service value matches the type of LDAP directory being configured. The LDAP (generic) settings may be tried for unlisted directories, but LDAP functionality within CSM may be limited or non-functional.
- Ensure all accounts within the LDAP General settings Search Start scope are unique. CSM expects that, within the configured Search scope for an LDAP settings definition, duplicate User accounts (ex. SAMAccountNames) do not exist. There are two options available for this:
- Enter a Search start path in the General page of LDAP settings that is limited to a single domain or OU that contains unique User accounts.
- Ensure that all User accounts that are found in the configured Search scope have unique User accounts (ex.SAMAccountNames). Multiple LDAP settings can be created to cover multiple domains or OUs.