If you are unable to create a new account, please email support@bspsoftware.com

 

News:

MetaManager - Administrative Tools for IBM Cognos
Pricing starting at $2,100
Download Now    Learn More

Main Menu

Cognos 10.2.1 FixPack3 - AD LDS LDAP configuration

Started by AussiePete2011, 02 Nov 2014 07:34:21 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

AussiePete2011

02 Nov 2014 07:34:21 PM
Hi all,

This one is driving me barmy.  I've created an AD LDS instance that I can connect to using Softerra LDAP browser using both the service account and an active user I've created.

AD LDS is running on Windows 2008 R2,  I'm using ADSI EDit version 6.1.7601.17514.
I've added 2 accounts for testing
I've set the password and then set msDS-UserAccountDisabled = FALSE

Testing access to this LDAP instance I'm using Softerra LDAP Browser 4.5 on Windows 7 Professional.

In the Cognos configuration I've added a new Authentication source - LDAP - Default values for Active Directory
Set the Namespace ID, Host and port and Base DN
User Lookup:  (uid=${userID})
External identity mapping: ${environment("REMOTE_USER")}  (Although I've tried (uid=${environment("REMOTE_USER")}) ...)
I've tried different iterations for External identity mapping

I keep getting prompted for a logon "Testing logging on to "<NamespacID" namespace.  I've tried the fully qualified account, single name and domain name but nothing is being accepted and I end up with an error as below.

In Softerra the accounts all allow me to logon and browse the LDAP instance using both the MD5 and GSS authentication methods and are either of the form

domain\<account>
OR
CN=CogTest,OU=Standard Users,OU=User Accounts,DC=Mydomain,DC=com

Cognos LDAP error.
[''Cognos LDS'']
[ ERROR ] CAM-AAA-0146 The namespace 'CognosLDS' is not available.
[ ERROR ] CAM-AAA-0064 The function 'Configure' failed.
[ ERROR ] The user cannot access the application at this time.
[ ERROR ] CAM-AAA-0056 Unable to authenticate.
[ ERROR ] CAM-AAA-0064 The function 'LDAPHandlePool::CreateHandle()' failed.
[ ERROR ] CAM-AAA-0026 The function call to 'ldap_simple_bind_s' failed with error code: '49'
[ ERROR ] Invalid credentials

[''Cognos LDS'']
[ ERROR ] AAA-AUT-0011 Invalid namespace was selected.

What am I missing?

Cheers
AussiePete.

AussiePete2011

#1
02 Nov 2014 08:50:27 PM
Hi All,

I'm not sure what happened but now it's working for some reason.  Chalk it down to a network error, go figure.

[''Cognos LDS'']
User account properties:
      defaultName: CogTest
      userName: CogTest
      givenName:
      surname:
      email:
      businessPhone:
      mobilePhone:
      homePhone:
      faxPhone:
      pagerPhone:
      postalAddress:

Group membership:
      Readers

Tenant ID:
      No associated tenant ID.

Alls well that ends well
Cheers
AussiePete

sdf

#2
15 Oct 2015 08:26:31 PM
Hi,

Im having the same scenario now.
Same errors as well.
Would appreciate if you can share any docs/steps on how you set up yours.


Print
Go Up Pages1
User actions
BSP Software Documentation
MetaManager Documentation and Knowledgebase
Version Control Documentation and Knowledgebase
BSP Software Resources About Us
MetaManager BSP Software Training BSP Software
Integrated Control Suite YouTube Channel Micro Strategies Inc
Security Migration IBM Cognos
Integrated Management Suite