LDAP Logging
I am trying to troubleshoot an issue with LDAP and a specific user. Besides what is in the Audit Database is there another way to look to see the LDAP functionality that is being called and the response, like there is with OAuth and the ISCLOG? The Audit Log is returning a failure (Unexpected - /api/atelier login failure | InterSystems Developer Community) for this particular user, and I want to get proof that it might be something with the LDAP and not IRIS.
Thanks
Scott
Comments
I had to debug an application LDAP issue and I used to Apache Directory Studio.
It turned out that the user had been copied from one OU to another and not moved.
Hi Scott,
I would suggest using the %SYS.LDAP APIs to test each method individually or the LDAP test configuration page which will show additional logging.
Maybe using the Portal built-in "Test LDAP Authentication" can help.
See Docs.
Didn't give me any more additional information on the error besides what was in the Audit Database, but thanks.
I am wondering if the Query against LDAP is taking too long and timing out in a response, even though he is getting an Invalid Username/password error returned but this happens when he tries to sign in from VS Code using /api/atelier. I tried increasing the timeout, but it doesn't seem to make a difference. I tried adjusting the Base DN search, and the Nested Group search to no avail.
Hi, there was a breaking change after upgrading some IRIS version in regards to credential stored in IRIS for ldap connections.
Can the user logon to SMP using LDAP successfully? If not, then it might be worth a try deleting the user account for the user marked as LDAP. in IRIS, It will get recreated on next successful login.