Date Posted:
Product: TIBCO Spotfire®
Product: TIBCO Spotfire®
Problem:
Empty groups after LDAP group synchronization due to incorrect group scope
Solution:
When using global catalog port in your LDAP configuration on your TIBCO Spotfire Server configuration with group sync enabled, after a completed synchronization there are some groups which are coming in empty without any users under those groups.
There may be other possible causes such as the LDAP bind account having insufficient privileges to read the member/memberOf properties on the user and group objects, but one potential issue is the scope defined on the group object in the directory.
To resolve, change the group scope from "Global" to "Universal". If the global catalog is used in the LDAP configuration then the group scope has to be "Universal".
Group Scope:
KB: Difference between using the default port 389 and default Global Catalog port 3289 in a Spotfire LDAP configuration.
Comments
0 comments
Article is closed for comments.