question Re: Errors "No DN returned for XXXX" and "No User information found in ldap for XXXX" when user tries to authenticate in Developer forum

Errors "No DN returned for XXXX" and "No User information found in ldap for XXXX" when user tries to authenticate

shill — Thu, 08 Mar 2012 20:27:33 GMT

Has anyone ever seen these errors? Both errors are listed in the LDAP log each time he attempt so login to SN. All other internal systems that uses AD for authentication work fine. Refreshing his user record does not cause an error and changing one of the fields populated by our LDAP feed correctly updates on the next scheduled load.
Our AD admin is stumped and I am not an AD guy, so I have no idea what it could be. Just really looking for clues at this point.

Has anyone ever seen this issue before in their instance?

Re: Errors "No DN returned for XXXX" and "No User information found in ldap for XXXX" when user tries to authenticate

cwilker10 — Fri, 09 Mar 2012 01:42:10 GMT

Make sure that the user is visible to service-now. It's possible that there is a filter on the ldap connection preventing the connection from seeing the user record on AD. It's also possible that the service-now user doesn't have rights to see this user account any more. Start by trying to browse from within service-now and make sure you can find it from there.

Re: Errors "No DN returned for XXXX" and "No User information found in ldap for XXXX" when user tries to authenticate

sshall — Wed, 11 Apr 2012 16:03:00 GMT

We are experiencing the same issue here. "No DN returned for ..." and "No user information found in ldap for ...". This is on a two-domain setup, with one LDAP server in ServiceNow for each domain.

We can browse AD just fine and pull up the user's details from within ServiceNow's LDAP browser.

It actually looks like we're having issues using the UPN as a username (user@domain.com) instead of sAMAccountName. If I change the user account in ServiceNow to have a username the same as sAMAccountName instead of userPrincipalName, the issue is resolved. Unfortunately, that fix won't work for us, so we're still looking for another solution.

Re: Errors "No DN returned for XXXX" and "No User information found in ldap for XXXX" when user tries to authenticate

sshall — Wed, 11 Apr 2012 22:12:51 GMT

Our issue is now resolved. We weren't pulling the DN from Active Directory. I added a field on sys_user named u_ldap_dn, added the appropriate transform mapping from "distinguishedname" to "u_ldap_dn" in the LDAP User transform map, and set the "DN Field" on the LDAP Server to the newly created field and everything works as designed.

The wiki hints at this, but doesn't explicitly call out that you'll need to import the DN to a field in order to use the userPrincipalName.

EDIT: The "DN Field" only shows on the advanced view of the LDAP server record. You'll have to click the "Advanced View" ui link to see this field.

Re: Errors "No DN returned for XXXX" and "No User information found in ldap for XXXX" when user tries to authenticate

Wybren1 — Tue, 30 Apr 2019 09:53:43 GMT

I stumbled upon this thread, with the same error.
Aldo this is a long time ago I still want to give the solution.

1) The LDAP Server needs to direct to the Server that can query the user. (which is the sys id of the record ldap server)

2) The source is the DN of the user for instance in my case (ldap:uid=newton,dc=example,dc=com)
I've used a test ldap from this website (https://www.forumsys.com/tutorials/integration-how-to/ldap/online-ldap-test-server/) which can even used with the UID.

Here comes the part that fixed is for me:

3) In the LDAP OU Definitions with the Table sys_user must QUERY the User ID from ServiceNow you want.

So the "Query field" must be the field for the 'User ID' in ServiceNow

- sAMAccountName(Default) or UPN or mail

- For my instance I used 'mail' since our User ID's are equal to the 'email' (transform map)

Be sure you define your Transform maps correctly, like filling the DN and LDAP Server of the user.

If the sys property (glide.ldap.user.autoprovision) is set to true, it will insert user when not existing this will be filled in automatically aswel with the use of the transform map given. If not correctly the user can login 'once' and then fail, because of the wrong LDAP Server OR Source.

Hope this helps!

Re: Errors "No DN returned for XXXX" and "No User information found in ldap for XXXX" when user tries to authenticate

Robin L — Thu, 24 Jun 2021 14:33:01 GMT

There is a field in LDAP called source. During the transform, Source is mapped to the field in ServiceNow called Source. Then on the LDAP server record, DN Field is set to Source. Hope this helps!

-Robin

Re: Errors "No DN returned for XXXX" and "No User information found in ldap for XXXX" when user tries to authenticate

Community Alums — Wed, 08 Jun 2022 09:12:12 GMT

Hi Wybren, can you give me the sample transform map, please?

I also faced about issue when all users sync into Servicenow, but when i try to log in to Servicenow instance, and the result has failed to sign in.

Re: Errors "No DN returned for XXXX" and "No User information found in ldap for XXXX" when user tries to authenticate

Community Alums — Wed, 08 Jun 2022 10:38:25 GMT

My solutions is:

Verifying in LDAP OU Definitions with table=sys_user

The value of field [query_field] is the field in LDAP server side and This value must be same the field is mapped with user_name in sys_user at TRANSFORM MAP.

Example: when I select query_field=mail at LDAP OU Definition record (table=sys_user) and save. Then, I have to map in Transform map: mail (LDAP Server side/Source field) = user_name (sys_user table/target field).