Shop

Your Notifications (0)

There are currently no notifications. You're all set!

Demos Trials
Knowledge Base
ChemDraw and ChemOffice+ Products Signals Notebook E-Notebook and ChemBioOffice Enterprise Spotfire and Signals Spotfire Products Columbus Signals Image Artist
Downloads
Downloads
Community
Support Forums Ideas Portal Product Basics
About Support
Legal Resources Support and Maintenance Plans Product Life Cycle Support News
Contact Support

User(s) unable to login in Spotfire when username attribute is changed from 'sAMAccountName' to "userPrincipalName" or "mail" in Spotfire server LDAP configuration.

Rich Talbot
  • Updated
Date Posted:
Product: TIBCO Spotfire®

Problem:

User(s) unable to login in Spotfire when username attribute is changed from 'sAMAccountName' to "userPrincipalName" or "mail" in Spotfire server LDAP configuration.


Solution:

Spotfire server uses the LDAP attributes defined in the Spotfire server LDAP configuration. While logging into Spotfire, user should enter the username that match's the LDAP attribute as per Spotfire server LDAP configuration.

Example:
If you set the username attribute as "userPrincipalName" , then you need to enter a username as "user@domain.com". 
If you set the username attribute as "samAccountName", then you need to enter a username as "user".

* When username attribute as "userPrincipalName"  :
User-added image

- When you change username attribute under Advanced Settings in Spotfire server LDAP Configuration from "samAccountName" to "userPrincipalName" or "mail" then new entries for user@domain.com will get added in Spotfire.

- After changing username attribute as above, user won't be able to login in Spotfire.
- The following error appears in Spotfire server logs (server.log):
-----------------
DEBUG 2019-02-20T08:54:35,194-0400 [unknown, #0] jaas.ldap.LDAPLoginModule: Authenticating user 'test@xyz.com' in LDAPLoginModule
DEBUG 2019-02-20T08:T08:54:35,194-0400 [unknown, #0] jaas.ldap.LDAPLoginModule: Parsing the username into a user and a domain part
DEBUG 2019-02-20T08:T08:54:35,195-0400 [unknown, #0] jaas.ldap.LDAPLoginModule: The specified domain name does not match any of the domains handled by this instance: 'XYZ', 'ABC'
TRACE 2019-02-20T08:T08:54:35,195-0400 [unknown, #0] jaas.ldap.LDAPLoginModule: This login module doesn't handle domain xyz.com
ERROR 2019-02-20T08:T08:54:35,195-0400 [unknown, #0] server.security.AuthenticationManager: Error authenticating user 'test@xyz.com'
------------------  As Spotfire does not consider @domain.com as actual part of the username. To resolve this issue, disable the "Parse user and domain name". .

Follow below steps to  disable the "Parse user and domain name" setting:
- Login to Spotfire server machine
- Launch Spotfire server Configuration tool
- Go to "Configuration" tab 
- Click on "Domain" in left panel
- In right panel, set "parse user and domain name" to "no". 
- Save the configuration and then restart the Spotfire server service.

Related articles