cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Community Tip - Learn all about PTC Community Badges. Engage with PTC and see how many you can earn! X

LDAP authorization for second user

Go to solution
AM_9930586
6-Contributor
6-Contributor
‎Jul 13, 2023 04:21 PM
‎Jul 13, 2023 04:21 PM

LDAP authorization for second user

Software versions: TWX 9.1.14, MFG apps 9.1.1

 

Hello all,

 

My team and I have successfully set up an Active Directory Directory Service (ADDS), so that users log in with their AD credentials, over an LDAPS connection.

 

We also need to validate a second LDAP user, without logging out and back in. We've tried using the TestConnection Service, but always receive the result of "Unable to decrypt password".  See code example below, where we pull all of our inputs from the (still working) ActiveDirectoryDirectoryService:

 

let table = DirectoryServices["ADDS1"].GetConfigurationTable({
  tableName: "Connection" /* STRING */
});

result = DirectoryServices["ADDS1"].TestConnection({
 server: table.server /* STRING */,
 password: table.adminPassword/* STRING */,
 protocol: table.protocol /* STRING */,
 port: table.port /* INTEGER */,
 userName: table.adminPrincipal /* STRING */
});

 

How do we encrypt the password so that the LDAP server is able to recognize it? The ADDS is clearly able to do so when using the "Test Connection" button (verified by checking the browser devtools, seeing the encrypted password in the params to the Service call), so how do we tap into that? We don't need the second user to do anything more than validate their credentials in this scenario.

 

 

Labels:
0 Kudos
Notify Moderator
ACCEPTED SOLUTION

Accepted Solutions
VladimirRosu
19-Tanzanite
19-Tanzanite
(To:AM_9930586)
‎Jul 14, 2023 04:35 AM
‎Jul 14, 2023 04:35 AM

Luckily, there's a support article exactly about this issue: https://www.ptc.com/en/support/article/CS357282

It's the first hit if you search on support portal for  "TestConnection ldap".

 

Hope it helps - please let us know.

View solution in original post

Notify Moderator
2 REPLIES 2
VladimirRosu
19-Tanzanite
19-Tanzanite
(To:AM_9930586)
‎Jul 14, 2023 04:35 AM
‎Jul 14, 2023 04:35 AM

Luckily, there's a support article exactly about this issue: https://www.ptc.com/en/support/article/CS357282

It's the first hit if you search on support portal for  "TestConnection ldap".

 

Hope it helps - please let us know.

Notify Moderator
AM_9930586
6-Contributor
6-Contributor
(To:VladimirRosu)
‎Jul 14, 2023 08:24 AM
‎Jul 14, 2023 08:24 AM

Somehow, I missed this page in all the searching I did. Thanks!

 

For posterity, here is the now-working snippet:

let table = DirectoryServices["ADDS1"].GetConfigurationTable({
	tableName: "Connection" /* STRING */
});

let ePass = encryptPropertyValue(table.adminPassword);

result = DirectoryServices["ADDS1"].TestConnection({
	server: table.server /* STRING */,
	password: ePass /* STRING */,
	protocol: table.protocol /* STRING */,
	port: table.port /* INTEGER */,
	userName: table.adminPrincipal /* STRING */
});

 

Notify Moderator
Announcements


Contact Community Management
Top Tags