What is initial user when changing provider from DB to AD?
What should be the initial user when we change provider from DB to AD?
I tried the name of the Enterprise Users created on Pyramid, but it doesn't work.
10 replies
-
Hi HDT,
This will be the Active Directory identity of the user who will provide the continuing Pyramid 2018 configuration.
Once you change the authentication provider to Active Directory, the next time you log in, that login will be authenticated against AD. Therefore typically, if you are the person responsible for Pyramid 2018 configuration, it will be your AD identity for the domain you are using to authenticate, however, it could be anyone.
Once the change has been applied successfully, the only AD user registered with Pyramid 2018 will be the initial user. Use this identity to log into Pyramid2018 to continue the configuration process (adding users, roles, data sources etc.).
Hope that helps.
Ian
-
Ian Macdonald Let's say I have a (normal) user account on the domain xyz.com . I put the login credential for that user account on the Domain User Settings and managed to pass the first test (Domain Access Test Successful), but when I put the same user name on the Initial User, it says Initial User Test Failed. From what you are saying, it should work regardless. What could be the cause of this issue?
-
Can you post a screenshot of how you have filled in the details for changing to AD authentication?
-
HDT Can you please open a command prompt on a computer/server that is joined to your domain. Then open a command prompt and type "whoami". This should show you the domain\user that you are logged in with. Please make sure that the domain name shown is the same domain name as you are using in the Pyramid 2018 Admin>Access>Authentication settings. If it is the same we shall move this ticket to our support system and arrange for an online meeting to take a further look.
Thank you
-
Daniel My currently logged in user and the domain in Pyramid are the same.
Ian Macdonald I'm not sure about posting a screenshot due to company policy, but here is how I fill in the information:
Domain name: <company-domain>
LDAP Address: <ldap-name>.<company-domain>/<path-to-container>
Port: 389
Use secure model - Unchecked
---
Use a different domain - Unchecked
Domain: <company-domain>
User Name: <domain-account-username>
Password: <password>
[Domain Access Test Successful]
---
Initial User
User Name: <domain-account-username>
Domain: <company-domain>
[Initial User Test Fail]
---
Output of whoami is <company-domain>\<domain-account-username>
My domain user doesn't have any administrator rights. Just a normal user in the domain.
-
Hi HDT,
Your LDAP address should be in the form of:
LDAP://DC=subdomain,DC=domain,DC=other,etc.
Before you filled in that dialogue box, it would have shown in grey an example in this format.
Your initial user is probably failing because Pyramid 2018 cannot find the LDAP server to retrieve the initial user details because the LDAP address is incorrectly formed.
So if for example, I was connecting to the domain subdomain.pyramidanalytics.com ,
the LDAP address would be in the form
LDAP://DC=subdomain,DC=pyramidanalytics,DC=com
Try that and see if it resolves the problem.
Ian
-
Ian Macdonald Just to clarify about my LDAP Address. I got pass the Domain Access Test with this address
LDAP://<ldap-server-short-name>.<company-domain>/OU=<ou>,OU=>ou>,DC=<dc>,DC=<dc>,DC=<dc>
(all the DC parts combined is equivalent to <company-domain>)
Following your suggestion, I tried using this address:
LDAP://OU=<ou>,OU=>ou>,DC=<dc>,DC=<dc>,DC=<dc>
But it failed the Domain Access Test.
I think the host name of the LDAP server must be included. Otherwise, how would Pyramid knows which server to connect to?
-
@HDT
Our support team has been requested to contact you directly to seek out a solution. -
Hello:
I am having the exact same issue where I test the domain change just fine but when I test the initial username it fails. I cannot change authentication to AD. HELP!
-
Hi Roland Tagle
We cannot troubleshoot your case over a community post.
Please open a support case for the support team.
Kind Regards,
Yakov.
