Skip to main content
P
Peter...1-Visitor
1-Visitor
June 6, 2022
Solved

Modifying the LDAP search scope Windchill 12

  • June 6, 2022
  • 1 reply
  • 3046 views

I need to move my users to a new OU in AD, Our current Windchill installation uses AD to authenticate the users using an LDAP adapter.

 

Using Info*Engine I have changed the Search base value in the current adapter to reflect the new OU in AD and ran the โ€‹ant -f webAppConfig.xml regenWebAppConf command from the Windchill shell, however when I move my users to the new OU they cannot login to Windchill.

 

I must be missing some steps to get this working, any help would be appreciated

 

 

 

 

Best answer by TomU

I should also add that the ant command is only needed after changing the Apache config.  It has nothing to do with Info Engine changes.  For those to take affect you need to restart Windchill.

1 reply

S
SWeiler_994026116-Pearl
16-Pearl
June 6, 2022

You can use a tool like JXplorer to test your LDAP connection. You can connect with or without a Search base in order to validate that it is correct. 

http://jxplorer.org/downloads/users.html

 

You may also need to check your filter:
......windchill.mapping.user.filter:

 

P
Peter...1-VisitorAuthor
1-Visitor
June 6, 2022

Hello,

I forgot to mention that we are running Windchill version 12

 

The Directory system agent user does not change and I can still browse the AD structure using this account after I have made the change to the search base.

 

It is when I change the search base using the Info Engine utility from

ptcProperty: xxx.xxxx.MSADLdap.searchBase=OU=Restricted,OU=User,OU=XXXXXXXX,OU=XXXXX AND XXXXXX,DC=XXXX,DC=XXXX

to 

ptcProperty: xxx.xxxx.MSADLdap.searchBase=OU=Restricted,OU=User,OU=XXXXXXXX,DC=XXXX,DC=XXXX

I then ran the โ€‹ant -f webAppConfig.xml regenWebAppConf command from the Windchill shell

but after this change users can no longer login to Windchill.

 

Where do I find the ......windchill.mapping.user.filter:

 

S
SWeiler_994026116-Pearl
16-Pearl
June 6, 2022

It's in Info Engine, in the Additional Properties

 

Something like:

Property: local.EnterpriseLdap2.windchill.mapping.user.filter

Value:

memberOf=CN=WCUsers,CN=Users,DC=company,DC=local

 

    Terms & ConditionsCookie settingsAccessibility statement