AD Authentication issues

We are seeing a recurring log message of error fetching users/groups. It is a wrapper message declaring an invalid configuration for directory search: no username/password for search. How can I determine which application is triggering/failing this authentication? I don’t see any details of what project or user connection is being used for this.

@LandrethEdward, that’s most likely coming from an active directory (or AD/hybrid) user source. Check gateway configuration.

I checked both our AD and hybrid AD profiles by selecting “Verify an Authentication Profile” and entering the user/password they have setup and both came back successful. I see this message a lot on another server as well that uses the same authentication setup, but cannot find any details of what profile or object is having the issue. I added a snippet of the message, is there any way I can use this to pinpoint the object triggering a wrapper message?

Are your ad/hybrid profiles set up to ‘List Users from Active Directory’? Are they able to connect anonymously?

It looks like you may just have a setup we didn’t envision, at least based on what the error message is telling me; if you choose to do so, an Ignition user profile can periodically fetch users from active directory to build a local cache, but we expect that to require authentication - so an exception is thrown if you didn’t provide one. It’s technically possible for an LDAP query to not require authentication, just relatively uncommon. I suspect that’s what’s happening here - let me know if that might explain things. If you don’t have any AD user sources without a username/password configured, then I’m not sure what’s going on.

Hi @LandrethEdward are you able to resolve the issue as i am facing the same.

Hello @Sourabh_Ambildhuke unfortunately I have since relocated to a different site in my company and don’t recall the specifics of trying to resolve this, but at this time we’ve had our servers start moving to SSL on port 8043 so I don’t know if maybe that helps with establishing the AD connection. I know we do use username/password on our AD user sources and my previous site’s AD sources were copied from how my current site was setup, but we do not get this message on the servers at my current site. I will pass this along to the team member who is more familiar with the security setup on our servers and see if they had done anything else that may have helped resolve this then repost here if they know anything.

Did you get this resolve? We are on V8.18 and are seeing the issue.