LDAP authentication does not work after migrating from 7.0.2 to 7.1.1.3
We are migrating a BF 7.0.2 environment to 7.1.1.3. The bfmigrateconfig tool completed successfully. BF starts up fine and all the configuration data appears to be there.
However, none of the migrated user accounts can authenticate against LDAP. We can only login using the root account. The error in the log is:
WARNING: Login failed - User '<userid>' is not in the Authorized Group DN for Domain 'dssldap'.
A trace by Security on BF's LDAP call indicates no errors. The response sent back to BF contains the correct groups. Also, the LDAP configuration screen on the BF 7.1.1.3 instance is identical to the one on the 7.0.2 instance. Note that we are connecting to the LDAP server using "anonymous" (there is no bind account/password)
I cannot delete and recreate the accounts because there are too many of them and also because experience tells me all the logs associated with a deleted account lose their original ownership.
Am I missing something obvious here?
Thanks!
Jozef
However, none of the migrated user accounts can authenticate against LDAP. We can only login using the root account. The error in the log is:
WARNING: Login failed - User '<userid>' is not in the Authorized Group DN for Domain 'dssldap'.
A trace by Security on BF's LDAP call indicates no errors. The response sent back to BF contains the correct groups. Also, the LDAP configuration screen on the BF 7.1.1.3 instance is identical to the one on the 7.0.2 instance. Note that we are connecting to the LDAP server using "anonymous" (there is no bind account/password)
I cannot delete and recreate the accounts because there are too many of them and also because experience tells me all the logs associated with a deleted account lose their original ownership.
Am I missing something obvious here?
Thanks!
Jozef