[Active Directory] ADToken

[Active Directory] ADToken

  
Forge Component
(5)
Published on 12 Jul by Renato Pauleta
5 votes
Published on 12 Jul by Renato Pauleta

Where can I find the value for ADToken required for the login?

Hi Robert,

You should create the type of connections for your AD in the screen http://<server>/ADConfigurations

Create a new ADAccess:

Name your connection and add the domain, container (optional), username and password (optional, if you require write access).

This will generate a Token which you then use in the API calls to the AD (actions in the ActiveDirectoryCore).

The module ADConfigurations also uses the token approach for you to quickly test the users and groups, you'll need to go to Service Center in the ADConfigurations module and set the site property ADToken to one of the ADAccess Tokens you've created.

Thanks for your prompt response. I tested it right away.

As per your instructions:

1. I defined the domain and generated a ADToken.

2. I change the site property of ADConfiguration, adding the ADToken.

2. I used the ADToken to login at the domain. (For this, I used a app with have the Forge component as a dependency)

3. The tests were unsuccessful.

4.  I Repeated the whole cycle, using the ip address, but the test was unsuccessful.  After testing, in this entry, a user from Outsystems were added automatically.

Then:

1. Is it configuration?  I am using only the name and domain values.

2. After some changes, it shows me the following message: "Array dimensions exceeded supported range."; how can it be fixed?

I attached some images from the tests.

Thanks.

  

Robert Feliberty wrote:

Thanks for your prompt response. I tested it right away.

As per your instructions:

1. I defined the domain and generated a ADToken.

2. I change the site property of ADConfiguration, adding the ADToken.

2. I used the ADToken to login at the domain. (For this, I used a app with have the Forge component as a dependency)

3. The tests were unsuccessful.

4.  I Repeated the whole cycle, using the ip address, but the test was unsuccessful.  After testing, in this entry, a user from Outsystems were added automatically.

Then:

1. Is it configuration?  I am using only the name and domain values.

2. After some changes, it shows me the following message: "Array dimensions exceeded supported range."; how can it be fixed?

I attached some images from the tests.

Thanks.

  

Can you try creating a an ADAccess with username / password? You'll need a user that as access (permissions) to the active directory.

Is your LDAP module using one of the tokens you've created? Adding the token just to the ADConfigurations module is just so you can check if the basic functionality is working. Something like:

If the user's search is working in the ADConfigurations module, then it means your configuration is correct, but you'll need to make sure the LDAP module you're using to validate the login also uses the same token as defined in ADConfigurations. Typically creating a new site property in the LDAP module and store there the one you need.


Let me know if works.


I made the changes, as per you instructions. Nevertheless, the error messages that is shown is the following: "The server could not be contacted.".

I changed the authentication type from LDAP to AD.  The same error appears.  Then I changed the default domain from POLICIA to POLICIA.COM and still "The server could not be contacted." was shown

Then returned to LDAP and validate connection, using the same user SARP12 and the result was "The server could not be contacted."

What can cause this message?  

This domain and Outsystems are connected through a VPN.   I connected using a vpn to the domain during the tests.  I will report the VPN between Outsystems and this domain.

Attached are screens from the tests.

Have you tried adding the port as you have in users configuration?

If this doesn't work let's try to schedule a call Monday if you're available.

Cheers.

I appreciate your prompt response and your availability for the call.

I added the users.  Specifically this las Friday a message "The server could not be contacted." was shown all day, this I suspect something was wrong at network level.  So I tested today.  

Regarding network connection:  am waiting to confirm if the VPN can have connection to the LDAP (active directory) server from the Paps infrastructure support.

Regarding forge component: Tofday I tested, and the message is shown with the ADToken related to POLICIA.COM:389 domain.  Where the address is used, 10.48.206.7:389, the message did not appear.

I am at a Atlantic Standard Time Zone (with no Daylight Savings Time used).  Can we wait until I confirm that at network level we can access the LDAP server?  Because I at newtork level we have no connection, we will have to wait until that step.

Interesting:

At management level I can validate against the LDAP defined. But "The server could not be contacted." message is shown in some cases. Why? 

Solution

Seems like you've made some progress, but I don't fully understand where you're having issues now.

Let me know if you'd like to talk and maybe share screen.

Solution

Thanks.  When can we make the call ?

Currently I cannot validate user against the LDAP, maybe Outsystems environment cannot have connection to LDAP (AD) server.


Is it productive to troubleshoot the AD forge component without connection between the environment and the LDAP?

We got to validate our users and the login action returns values according to the type of the user.

Thanks for such an excellent support. 

The LDAP URL lacked the slash between the port number and the base dn.