Troubleshooting LDAP integration via MID Server

  • Release version: Xanadu
  • Updated August 1, 2024
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Troubleshooting LDAP Integration via MID Server

    This guide addresses common issues encountered during LDAP integration via MID Server and outlines troubleshooting steps using the External Communication Channel (ECC) Queue. The primary focus is on verifying connections, browsing records, and importing data effectively.

    Show full answer Show less

    Test Connection Issues

    To verify the LDAP connection when defining Organizational Units (OUs), use the Test Connection related list. Upon testing, check the ECC Queue for an output message titled LDAPConnectionTesterProbe, followed by an input message with the same name. A "true" entry in the Name column indicates a successful test. Review the payload for any error messages.

    Browse Issues

    For viewing LDAP directory records, utilize the Browse related list. Similar to the test connection, the ECC Queue will show an output message named LDAPBrowseProbe, followed by an input message. A "true" in the Name column confirms success. Again, inspect the payload for errors.

    Load Import Issues

    When uploading data, such as with the Test Load 20 Records feature, look for an output message labeled LDAPProbe, and an input message called LDAPProbeCompleted. The Name column in LDAPProbeCompleted indicates the total records returned, while LDAPProbe shows the highest record number in the batch. Ensure to check for an LDAPProbeError message for any errors encountered during the process.

    LDAP Paging

    Be aware that LDAP paging may fail if the server's paging size is less than 1000. Adjust the MID Server property glide.ldap.maxresults to a value that complies with the LDAP server's paging size.

    Importing Binary Data

    To import binary data via LDAP, such as user photos, the binary attribute must be included in the MID Server property glide.ldap.binaryattributes. For instance, use jpegphoto for user photos.

    You may encounter issues in the following areas while integrating LDAP via MID Server.

    You can troubleshoot these issues by viewing the outputs found in the External Communication Channel (ECC) Queue (Discovery > Output and Artifacts > ECC Queue).

    Test Connection Issues

    When defining OUs within the server, there is a Test connection related list that is used to verify the LDAP connection. When you click this link, the ECC Queue should show a single output message with a topic name of LDAPConnectionTesterProbe. After the test has completed on the MID Server, the ECC Queue should show an input message with the same topic name. If the Name column for the input message shows true, the test was successful. Drill down into the record to view the payload and ensure it does not contain error messages.
    Figure 1. Test Connection

    Browse Issues

    When defining OUs within the server, there is a Browse related list that is used to view the LDAP directory records that the OU definition returns. When you click this link, the ECC Queue should show a single output message with a topic name of LDAPBrowseProbe. After data has been returned from the MID Server, the ECC Queue should show an input message with the same topic name. If the Name column for the input message shows true, the test was successful. Drill down into the record to view the payload and ensure it does not contain error messages.

    Load Import Issues

    When uploading data (for example, using the Test Load 20 Records feature), the ECC Queue should show a single output message with a topic name of LDAPProbe.

    After data has been returned from the MID Server, the ECC Queue should show another input message called LDAPProbeCompleted. The Name column for this input message shows the total number of records returned.

    An additional input messages, also named LDAPProbe, is displayed. The Name column for this input message displays the highest record number in the batch. If the total number of records returned is 258 and the batch size is 200 (the default), two LDAPProbe (200, 258) incoming messages will be received, and one LDAPProbeCompleted (258) incoming message will be received.

    Drill down into the record to view the payload and ensure it does not contain error messages.
    Figure 2. Import Load
    Also keep an eye out for an output message called LDAPProbeError.
    Figure 3. Error message

    Click the link in the Name column to view the details of the error.

    LDAP paging

    LDAP paging does not work if the paging size on the LDAP server is less than 1000. Set the MID Server property glide.ldap.max_results to a value less than or equal to the LDAP server paging size.

    LDAP fails to import binary data

    To import binary data via LDAP, such as a user photo, you must include the binary attribute in the MID Server property glide.ldap.binary_attributes. For the user photo example, the attribute may be jpegphoto.