Showing results for 
Search instead for 
Did you mean: 
Showing results for 
Search instead for 
Did you mean: 

LDAP Issue


LDAP Issue

Hi - I have Windchill V9.1 F000 installed, we authenticate using LDAP, - I have an issue with a user that keeps appearing as deleted in his library and also as a disconnected user in Principal Administrator - could it be that he has a hypen in his login ID - i.e. paul.kendall-white, I have no other users with double barrelled names so cant compare ... any help greatly appreciated

Tags (3)

Re: LDAP Issue

Shirley, you can query the WTUser table in your database, and look to see if the user's record is need of repair.

This is a T-SQL script will return all of the users that are setup for your instance of Windchill, even those that have been imported from your Windows AD / LDAP.

select * from wtuser.WTUser

wtuser = The scheme name that is your database. It's typically the same name as your database.

Now, lets filter those results down to the specific user in question.

select * from wtuser.WTUser where name = 'LOGINID'

LOGINID is the actual login ID that the user uses to authenticate with

When results are returned look in the column repairNeeded. Is it set to 1 or 0?

1 = Windchill is unable to find the user in the AD group that you have specified for your JNDI adapter

0 = Everything is ok

Can you fix this easily? Yes, you sure can. This script below will update the repairNeeded column in the database.

update wtuser.WTUser


repairNeeded = 0

where name = 'LOGINID'

After the record has been updated the user will be able to log back into Windchill.

Let me know if this works for you.

- Patrick


Windchill Customers

What browser do you most commonly use? (Chrome, Firefox, Edge Chromium, Internet Explorer 11, Safari, Other)

Learn more about how we are using our browser poll here