Searching the Help
To search for information in the Help, type a word or phrase in the Search box. When you enter a group of words, OR is inferred. You can use Boolean operators to refine your search.
Results returned are case insensitive. However, results ranking takes case into account and assigns higher scores to case matches. Therefore, a search for "cats" followed by a search for "Cats" would return the same number of Help topics, but the order in which the topics are listed would be different.
|A single word
|Topics that contain the word "cat". You will also find its grammatical variations, such as "cats".
You can specify that the search results contain a specific phrase.
"cat food" (quotation marks)
Topics that contain the literal phrase "cat food" and all its grammatical variations.
Without the quotation marks, the query is equivalent to specifying an OR operator, which finds topics with one of the individual words instead of the phrase.
Two or more words in the same topic
|Either word in a topic
|Topics that do not contain a specific word or phrase
|Topics that contain one string and do not contain another
cat ^ mouse
|A combination of search types
( ) parentheses
- Troubleshooting Hardening
Troubleshooting Hybrid User Management - LDAP authentication
Problem: After upgrading UCMDB from version 10.30 (or earlier) to 10.31 (or later), LDAP authentication fails and users cannot log in to UCMDB. For example, a scenario like the following:
- You had UCMDB version 10.30 (or earlier)
- You configured LDAP server, and the UCMDB UI login is performed with multiple LDAP accounts
- You upgraded UCMDB to version 11.0
Cause: As a part of Hybrid User Management, each user will be assigned a repository (UCMDB or a configured LDAP repository). If, during the upgrade, there are some connection issues related to the LDAP Server, then the existing LDAP users that were already synchronized to UCMDB cannot be authenticated on that LDAP repository, as a result, those users will be assigned to UCMDB repository.
To check if it is the case with your environment, in UCMDB UI, go to Security > Users and Groups, in the Users tab check the existing users. All the users are listed there with the corresponding repositories. If the repository set for an external user is UCMDB instead of the corresponding LDAP server repository, then there was a connection error to the LDAP server when the upgrade was performed.
Solution: In this case, the users will not be able to log in anymore to UCMDB UI only by using the username. To fix the issue, do either of the following:
Perform the login by specifying the repository at login time.
For details, see How the hybrid user management authentication mechanism works (check “The repository is specified as an email address or Windows domain user” section).
In this way, the user will be authenticated against the repository specified, not on the UCMDB repository. As a result, in UCMDB there will be 2 users with the same username but on different repositories: the one on UCMDB repository that will not be able to log in and the one on the LDAP repository which will be able to login when the repository is also entered at login time.
Delete from database all the external users that have been wrongly associated to UCMDB repository at upgrade.
An example of such an SQL statement that selects the users who should be deleted is:
select * from urm_resources where type='Auth_USER' and resource_id like '%###UCMDB' and text_data like '%isExternal="true"%'
After deleting these users, the login is performed properly and the users are re-synchronized to UCMDB.
Note There could be other external users synchronized to UCMDB that are not LDAP-related, so double check which external users are deleted.
We welcome your comments!
To open the configured email client on this computer, open an email window.
Otherwise, copy the information below to a web mail client, and send this email to email@example.com.
Help Topic ID: