Validating an LDAP user

Forum|Forum|2 years ago
July 14, 2023
2 replies
1245 views

Hello all,

My team and I have gotten LDAP working via an ActiveDirectoryDirectoryService, but need to be able to validate another user's non-admin credentials with LDAP, without logging the second user in.

What services exist for manually validating an LDAP credential? We've tried the TestConnection, GetDomainGroups, and IsValidGroup services on the ADDS with admin and personal credentials, and they only work for the administrator.

Troubleshooting

Best answer by slangley

Hi @AM_9930586.

You can't use ThingWorx to manually validate LDAP users. ThingWorx will only perform validation on an authentication request.

If you do want to validate user details, you'll need to query your LDAP server directly.

Regards.

--Sharon

S

slangley

Answer

Community Manager

Hi @AM_9930586.

You can't use ThingWorx to manually validate LDAP users. ThingWorx will only perform validation on an authentication request.

If you do want to validate user details, you'll need to query your LDAP server directly.

Regards.

--Sharon

C

Constantine

18-Opal

Hello,

For all of those services you mentioned, ActiveDirectoryDirectoryService tries to authenticate against LDAP with the credentials you pass into those services. It ignores admin credentials in the Configuration. It does not run an LDAP query for those credentials on behalf of the admin user. If your non-admin user cannot authenticate directly against your AD, then those services will all fail.

In other words, by passing credentials into those services, it behaves as if the "Dynamic User Login" checkbox was enabled.

/ Constantine

Sign up

Please use your PTC eSupport account.

Welcome to the PTC Community

Please use your PTC eSupport account.

Scanning file for viruses.

This file cannot be downloaded