Table of Contents |
---|
...
If you would like Task Assignments to Role to also include users in nested groups, add the same string to User Member Of attribute.
Code Block |
---|
memberOf:1.2.840.113556.1.4.1941: |
How do I filter to only enabled users?
You may want to limit frevvo to only enabled users. Set the All Users Filter to
Code Block |
---|
(objectCategory=person)(objectClass=user)(!(userAccountControl:1.2.840.113556.1.4.803:=2)) |
In some cases, if one user in a group is disabled, email to the group (such as a Task Notification) may fail when the disabled user's email bounces. Adding this filter will resolve the email issue.
Can I have more than one LDAP tenant?
...
- The primary source of information is the log the frevvo log file. In most cases, the LDAP connector will try to indicate what the problem is in the logs. In the log file, look for lines with LDAPSecurityManager or LdapDao.
- It is useful to have an LDAP browser at hand, for instance, the Apache Directory Studio. With the browser you can:
- Check if the connection parameters that you configured in are in frevvo are correct.
- Run queries against LDAP and make sure that the expressions you configured in are in frevvo are correct and returning what you expect.
- If you can't spot the problem and need to contact frevvo support:
- Stop Stop frevvo
- Go to <frevvo-home>/tomcat/logs/frevvo.log.
- Follow these steps to change the log level from INFO to DEBUG
- Restart Restart frevvo
- Execute the steps that is causing problems.
- Send the log file (zip) to frevvo support (support@frevvo.com) with a description of the problem.
- Restore the log level to INFO.
Below are some common cases to help with troubleshooting. All of them assume that the connectivity is working, meaning that you tested, from the same box where is where frevvo is running and that the connection parameters to the LDAP server you configured in are in frevvo are correct.
As an admin I can't list the users or groups for the LDAP tenant
This is can be a problem with the expression you configured in All Users Filter (for users) and/or All Groups Filter (for groups) on the Edit Tenant screen. Also verify that the search bases are correct in the Users Base (users) and Groups Base (groups) fields. The LDAP Browser is useful here. Execute a search directly on your LDAP server using the same expression and bases you configured in and in frevvo and check if the result is correct.
...
- In IIS:
- Make sure Windows Authentication is set in the Default Web App (or the web app used to send requests to to frevvo)
- Verify that Anonymous Authentication is NOT set in the default Web App (or the web used to send requests to to frevvo)
- In In frevvo:
- Open FREVVO_HOME/tomcat/conf/server.xml
- Look at the AJP connector configuration.
- Verify that it has the attribute tomcatAuthentication="false"
...