login failed while accessing the Active directory with logon name from WSO2 apim
Question
I've connected my WSO2 api manager with external ldap ie Microsoft Active Directory.
I have a following user in my Active directory :
Username : WSO2 Admin User logon Name : WSO2.Admin@india.test.com NT logon Name : INDIA\\WSO2.Admin
When I'm setting the Admin role for my user's Username in user-mgt.xml file. I'm able to login into the the WSO2 admin console with Username ie WSO2 Admin only and I'm also able to see all the users from active directory but If I'm trying to login into management console with the actual logon name ie india\\WSO2.Admin or WSO2.Admin@india.test.com It's showing me login failed error.
<AdminUser> <UserName>WSO2 Admin</UserName> <Password>xxxxx</Password> </AdminUser>
Can somebody please help me solving this?
1 answers
solution1
0 ACCPTED 2018-07-09 21:12:55
In WSO2 carbon (base for all wso2 products, not just apim) realms and domains are having different meaning.
eg the domain @india.test.com in the carbon logon form denotes the tenant (the default tenant is carbon.super . You may try to log in with WSO2.Admin@carbon.super in theory it should work. (I did not try it myself)
as well the realm (in form of realm\\username ) hints the carbon to use a secondary userstore with specified realm parameter (I may be wrong in this format, if someone knows for sure, feel welcome to correct me)
I believe full domain should work with a Kerberos authenticator (used for applications, not for the Carbon management console), but this authenticator has been reworked and improved in current versions, so I don't know current state)
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.