Is anyone else seeing this? We have JSS's on 9.61 authenticating to the same LDAP server without issue. Since bumping 3 x JSS's to 9.62 we can no longer auth with LDAP credentials....
Solved
LDAP authentication failing after 9.62 upgrade
+9Best answer by james_ridsdale
Found the issue...
"Use recursive group searches" is enabled on 9.62 vs disabled on 9.61.
Just updated this setting and all is fine.
+14Upgraded our PreProd to 9.62 (from 9.61) earlier this morning. No issues with LDAP (AD) credentials that I'm seeing in limited testing.
+9Found the issue...
"Use recursive group searches" is enabled on 9.62 vs disabled on 9.61.
Just updated this setting and all is fine.
+36I meant did you uncheck "Use recursive group searches" and have to restart Tomcat for that change to take effect?
@james_ridsdale - upgraded from 9.6 to 9.62 yesterday. No issues with LDAP lookup, but also noticed that "Use recursive group searches" was enabled after the update. I've elected to uncheck it since it hasn't been needed in the past.
+14I have no idea what my setting was before.
Isn't this the kind of thing we should know about before an upgrade? I read the release notes pretty closely..
+36Settings > System Settings > LDAP Server > ...pick one... > Mappings > User Group Membership Mappings > [x] Use recursive group searches
+36Our issue (Casper Remote "you don't have enough permission") was unrelated to this thread resolved with a workaround, will update the other thread.
+5Hi Don. I am also seeing the Casper Remote "you don't have enough permission" issue in our environment. Could you please post what workaround you are using or a link to the thread? Thank you!
+36Hi @derek.peterson, 9.63 fixed it:
Page 15:
[D-008176] Fixed an issue that prevented JSS user accounts that belong to a JSS user group and have custom privileges for Casper Imaging, Casper Remote, or Recon from opening and using those applications.
+5Thanks @donmontalvo!
To workaround the problem in Casper 9.62 enabling Use Casper Imaging, Customize a Configuration, and Store Autorun Data in Users Accounts & Groups Privileges restored the ability to use Casper Remote. This will do the trick until we can deploy Casper 9.63.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.