How to enable authentication for LDAP users configured by MID Server
‎09-13-2017 02:29 PM
Hi All,
I have integrated LDAP with ServiceNow using a MID Server. After successful integration, I tried to log in with the LDAP password, but it gives the error "User name or password invalid. To reset your admin password click here. Please note this is different than the credentials used to sign in to the Developer Site".
Can anyone let me know whether there is any other way we can use the LDAP credentials to log in to the ServiceNow application? We have followed a few of the documents, but they were not helpful.
Thanks,
Vamshi Krishna
‎09-13-2017 07:17 PM
This may help to debug the issue https://docs.servicenow.com/bundle/jakarta-servicenow-platform/page/integrate/ldap/concept/c_LDAPAut...
‎09-13-2017 09:27 PM
Hi Vamsi,
It is not possible to authenticate using LDAP via the MID Server.
..
LDAP integration via MID Server
Administrators can integrate using an LDAP data source over a Management, Instrumentation, and Discovery (MID) Server.
The MID Server facilitates communication and movement of data between the platform and external applications, data sources, and services. The MID Server is installed automatically for new instances.
You can use the MID Server to import data over LDAP, but you cannot use the MID Server for LDAP authentication. A MID Server does not support SSL connections.
Using a MID Server to establish an LDAP connection prevents you from having to expose the LDAP server to external network traffic. It also eliminates the need to establish a VPN tunnel between your LDAP server and data centers.
Note:
- The MID Server user must have the user_admin role in order to be able to read LDAP server configuration records.
- The following are not available with the MID Server:
  - LDAP authentication
  - SSL connection
..
‎09-13-2017 09:31 PM
You could use Okta to facilitate authentication, using ADFS as the authentication source.
..
OKTA SSO integration
Administrators can enable the Okta SSO integration to provide single sign-on access to instances through Okta.
This integration allows users to access their instance without logging in with their user credentials. Users only need to sign on to their organization's Okta service to gain access to the instance.
How the Okta integration works
Organizations using Okta for single sign-on services typically have user information stored in another user management system, such as Active Directory. The user data is shared between Okta and these services or applications so that Okta always has the most up-to-date user credentials necessary to automatically log users into their applications. Organizations using Okta might also enter user data directly into the Okta user management service.
‎09-13-2017 09:37 PM
Also, as you have imported users from AD to the instance via LDAP, you could set up Multi SSO so that AD is an IdP.
..
Set up Multi-Provider SSO
You must perform several steps to set up Multi-Provider SSO, including configuring properties, creating identity providers (IdPs), and configuring users to use SSO.
- Configure Multi-Provider SSO properties: Configure SSO properties and also add a property to the System Properties table to configure an IdP white list.
..