This article will provide some questions that will help troubleshoot issues with LDAP (Lightweight Directory Access Protocol) login and group syncing.
Article Navigation
Troubleshoot LDAP Login Issues
The following are basic LDAP troubleshooting questions that, if addressed, speed up the support process for login issues. If possible, please include the answers in your ticket to Support.
- Does this affect multiple users or only one user?
- Does the user use their Active Directory credentials?
Notes:- Users must log in with their Active Directory username (username or username@domain), not their email.
- You must ignore what shows as their "username" in the GCMS, as this is not what we use for authentication. Authentication processes with the LDAP service and we sync accounts on either username or email field.
- What are the user's emails and usernames in Active Directory?
- What error does the user get when they try to log in?
- Can the user use the /setup test to log in?
- What message does the user get when they log in with /setup?
Note: Please provide a screenshot to help with your Support ticket.
Troubleshoot LDAP Group Syncing Issues
Below are basic troubleshooting questions for LDAP that, if addressed, speed up the support process for group syncing issues. If possible, please include the answers in your ticket to Support.
- What group(s) do not sync?
- Do the group names in Group Administration match exactly with the group names in Active Directory?
- Are users assigned group membership in Active Directory?
- Do these groups show for the user(s) in their /setup test results?
- Does this affect multiple users or only one user?
- Does the user use their Active Directory credentials?
Notes:- Users must log in with their Active Directory username (username or username@domain), not their email.
- You must ignore what shows as their "username" in the GCMS, as this is not what we use for authentication. Authentication processes through the LDAP service, and we sync accounts on either username or email field.
- What are the users' emails and usernames in Active Directory?
- What message does the user get when they log in with "/setup"?
Note: Please provide screenshots with your Support ticket.
Article Glossary
The terms located in this section are listed alphabetically.
- GCMS: Government Content Management System
- LDAP: Lightweight Directory Access Protocol
Feedback About the Article
Let us know what was helpful or not helpful about the article below.0 comments
Please sign in to leave a comment.