cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 

Community Tip - Need help navigating or using the PTC Community? Contact the community team. X

Validating an LDAP user

AM_9930586
6-Contributor

Validating an LDAP user

Hello all,

 

My team and I have gotten LDAP working via an ActiveDirectoryDirectoryService, but need to be able to validate another user's non-admin credentials with LDAP, without logging the second user in.

 

What services exist for manually validating an LDAP credential? We've tried the TestConnection, GetDomainGroups, and IsValidGroup services on the ADDS with admin and personal credentials, and they only work for the administrator.

 

 

 

1 ACCEPTED SOLUTION

Accepted Solutions
slangley
23-Emerald II
(To:AM_9930586)

Hi @AM_9930586.

 

You can't use ThingWorx to manually validate LDAP users.  ThingWorx will only perform validation on an authentication request. 

 

If you do want to validate user details, you'll need to query your LDAP server directly.

 

Regards.

 

--Sharon

View solution in original post

2 REPLIES 2
slangley
23-Emerald II
(To:AM_9930586)

Hi @AM_9930586.

 

You can't use ThingWorx to manually validate LDAP users.  ThingWorx will only perform validation on an authentication request. 

 

If you do want to validate user details, you'll need to query your LDAP server directly.

 

Regards.

 

--Sharon

Hello,

 

For all of those services you mentioned, ActiveDirectoryDirectoryService tries to authenticate against LDAP with the credentials you pass into those services. It ignores admin credentials in the Configuration. It does not run an LDAP query for those credentials on behalf of the admin user. If your non-admin user cannot authenticate directly against your AD, then those services will all fail.

 

In other words, by passing credentials into those services, it behaves as if the "Dynamic User Login" checkbox was enabled.

 

/ Constantine

Top Tags