0

What is initial user when changing provider from DB to AD?

What should be the initial user when we change provider from DB to AD?

I tried the name of the Enterprise Users created on Pyramid, but it doesn't work.

10 replies

null
    • Senior Director of Product
    • Ian_Macdonald
    • 5 yrs ago
    • Reported - view

    Hi HDT,

    This will be the Active Directory identity of the user who will provide the continuing Pyramid 2018 configuration.

    Once you change the authentication provider to Active Directory, the next time you log in, that login will be authenticated against AD. Therefore typically, if you are the person responsible for Pyramid 2018 configuration, it will be your AD identity for the domain you are using to authenticate, however, it could be anyone.

    Once the change has been applied successfully, the only AD user registered with Pyramid 2018 will be the initial user. Use this identity to log into Pyramid2018 to continue the configuration process (adding users, roles, data sources etc.).

    Hope that helps.

    Ian 

    • HDT
    • 5 yrs ago
    • Reported - view

    Ian Macdonald Let's say I have a (normal) user account on the domain xyz.com . I put the login credential for that user account on the Domain User Settings and managed to pass the first test (Domain Access Test Successful), but when I put the same user name on the Initial User, it says Initial User Test Failed. From what you are saying, it should work regardless. What could be the cause of this issue?

    • Senior Director of Product
    • Ian_Macdonald
    • 5 yrs ago
    • Reported - view

    Can you post a screenshot of how you have filled in the details for changing to AD authentication?

    • Daniel
    • 5 yrs ago
    • Reported - view

    HDT  Can you please open a command prompt on a computer/server that is joined to your domain. Then open a command prompt and type "whoami". This should show you the domain\user that you are logged in with. Please make sure that the domain name shown is the same domain name as you are using in the Pyramid 2018 Admin>Access>Authentication settings. If it is the same we shall move this ticket to our support system and arrange for an online meeting to take a further look. 

    Thank you  

    • HDT
    • 5 yrs ago
    • Reported - view

    Daniel My currently logged in user and the domain in Pyramid are the same.

    Ian Macdonald I'm not sure about posting a screenshot due to company policy, but here is how I fill in the information:

    Domain name: <company-domain>

    LDAP Address: <ldap-name>.<company-domain>/<path-to-container>

    Port: 389

    Use secure model - Unchecked

    ---

    Use a different domain - Unchecked

    Domain: <company-domain>

    User Name: <domain-account-username>

    Password: <password>

    [Domain Access Test Successful]

    ---

    Initial User

    User Name: <domain-account-username>

    Domain: <company-domain>

    [Initial User Test Fail]

    ---

    Output of whoami is <company-domain>\<domain-account-username>

    My domain user doesn't have any administrator rights. Just a normal user in the domain.

    • Senior Director of Product
    • Ian_Macdonald
    • 5 yrs ago
    • Reported - view

    Hi HDT,

    Your LDAP address should be  in the form of:

    LDAP://DC=subdomain,DC=domain,DC=other,etc.

    Before you filled in that dialogue box, it would have shown in grey an example in this format.

    Your initial user is probably failing because Pyramid 2018 cannot find the LDAP server to retrieve the initial user details because the LDAP address is incorrectly formed.

    So if for example, I was connecting to the domain subdomain.pyramidanalytics.com ,

    the LDAP address would be in the form

    LDAP://DC=subdomain,DC=pyramidanalytics,DC=com

    Try that and see if it resolves the problem.

    Ian

    • HDT
    • 5 yrs ago
    • Reported - view

    Ian Macdonald Just to clarify about my LDAP Address. I got pass the Domain Access Test with this address

    LDAP://<ldap-server-short-name>.<company-domain>/OU=<ou>,OU=>ou>,DC=<dc>,DC=<dc>,DC=<dc>

    (all the DC parts combined is equivalent to <company-domain>)

    Following your suggestion, I tried using this address:

    LDAP://OU=<ou>,OU=>ou>,DC=<dc>,DC=<dc>,DC=<dc>

    But it failed the Domain Access Test.

    I think the host name of the LDAP server must be included. Otherwise, how would Pyramid knows which server to connect to?

    • Dvir_Buzaglo
    • 5 yrs ago
    • Reported - view

    @HDT 
    Our support team has been requested to contact you directly to seek out a solution.

    • Roland_Tagle
    • 5 yrs ago
    • Reported - view

    Hello:

     

    I am having the exact same issue where I test the domain change just fine but when I test the initial username it fails. I cannot change authentication to AD. HELP!

    • Yakov_Shaul
    • 5 yrs ago
    • Reported - view

    Hi  Roland Tagle
    We cannot troubleshoot your case over a community post.
    Please open a support case for the support team.
    Kind Regards,
    Yakov.

Content aside

  • Status Answered
  • 5 yrs agoLast active
  • 10Replies
  • 101Views
  • 6 Following