- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 12-04-2014 09:12 AM
Is anyone else seeing this? We have JSS's on 9.61 authenticating to the same LDAP server without issue. Since bumping 3 x JSS's to 9.62 we can no longer auth with LDAP credentials....
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 12-04-2014 09:18 AM
Found the issue...
"Use recursive group searches" is enabled on 9.62 vs disabled on 9.61.
Just updated this setting and all is fine.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 12-04-2014 09:15 AM
Upgraded our PreProd to 9.62 (from 9.61) earlier this morning. No issues with LDAP (AD) credentials that I'm seeing in limited testing.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 12-04-2014 09:18 AM
Found the issue...
"Use recursive group searches" is enabled on 9.62 vs disabled on 9.61.
Just updated this setting and all is fine.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 12-08-2014 08:56 AM
@james_ridsdale Guessing you had to stop/start Tomcat for the change to take effect?
https://donmontalvo.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 12-08-2014 09:11 AM
Tomcat restarts made no difference. This was the first thing I tried.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 12-08-2014 09:15 AM
I meant did you uncheck "Use recursive group searches" and have to restart Tomcat for that change to take effect?
https://donmontalvo.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 12-08-2014 09:36 AM
@james_ridsdale - upgraded from 9.6 to 9.62 yesterday. No issues with LDAP lookup, but also noticed that "Use recursive group searches" was enabled after the update. I've elected to uncheck it since it hasn't been needed in the past.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 12-08-2014 10:32 AM
I have no idea what my setting was before.
Isn't this the kind of thing we should know about before an upgrade? I read the release notes pretty closely..
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 12-09-2014 09:47 AM
Where is the "Use recursive group searches" setting located on the JSS?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 12-09-2014 10:38 AM
Settings > System Settings > LDAP Server > ...pick one... > Mappings > User Group Membership Mappings > [x] Use recursive group searches
https://donmontalvo.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 12-09-2014 10:39 AM
Our issue (Casper Remote "you don't have enough permission") was unrelated to this thread resolved with a workaround, will update the other thread.
https://donmontalvo.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 01-12-2015 08:57 AM
Hi Don. I am also seeing the Casper Remote "you don't have enough permission" issue in our environment. Could you please post what workaround you are using or a link to the thread? Thank you!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 01-12-2015 09:51 AM
Hi @derek.peterson, 9.63 fixed it:
Page 15:
[D-008176] Fixed an issue that prevented JSS user accounts that belong to a JSS user group and have custom privileges for Casper Imaging, Casper Remote, or Recon from opening and using those applications.
https://donmontalvo.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 01-12-2015 05:00 PM
Thanks @donmontalvo!
To workaround the problem in Casper 9.62 enabling Use Casper Imaging, Customize a Configuration, and Store Autorun Data in Users Accounts & Groups Privileges restored the ability to use Casper Remote. This will do the trick until we can deploy Casper 9.63.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 01-12-2015 05:23 PM
Thanks @donmontalvo from us too. We found the same with 9.62 & your fix worked.