BPM, Workflow, and Case

BPM, Workflow, and Case

Come for answers. Stay for best practices. All we’re missing is you.

 View Only
Back to discussions
Expand all | Collapse all

CP4Automation LDAP login error

  • 1.  CP4Automation LDAP login error

    Posted Thu July 23, 2020 11:59 AM
    Installed CP4Automation on OpenShift 4.3. Successfully installed BAW.
    I'm able to login to the BAW admin client and ACCE without any problem.
    When I try to login to PHP LDAP using admin user (cp4admin) I get an invalid credentials error.
    I'm attaching the snaphot of the error.
    (What is the right login for CP4Automation demo/evaluation install)


    ------------------------------
    Pandian Mariadoss
    IT Consulting Specialist
    IBM
    Coppell TX
    ------------------------------


  • 2.  RE: CP4Automation LDAP login error

    Posted Thu July 23, 2020 06:01 PM
    Edited by Stephanie Wilkerson Thu July 23, 2020 06:17 PM

    Hi Pandian,

    So the fact that you can login to ACCE or BAW, that means that the OpenLDAP that CP4A deploys is working properly with the cp4admin user credentials. The issue that you're observing is the ability to use a LDAP browser (i.e., PHP LDAP Admin) to connect to the OpenLDAP, but encountering an issue?  I am not familiar with that tool so it's unclear if there is a connection issue, but can you try:

    cn=cp4admin,dc=example,dc=org as the user

    and the same password for this user that you used to login to ACCE.



    ------------------------------
    VINCENT Le
    ------------------------------

    Original Message


  • 3.  RE: CP4Automation LDAP login error

    Posted Thu July 23, 2020 07:32 PM
    Thanks for the response. Yes, you are correct I'm trying to login to PHP LDAP admin website.
    I tried DN the cn=cp4admin,dc=example,dc=org and also tried cn=cp4admin,dc=federal,dc=pub,dc=ibm,dc=gsc (according to domain address) nothing works.
    My purpose of login to the LDAP admin is to add more users/group as the Process Admin is configured to use LDAP as the user registry


    ------------------------------
    Pandian Mariadoss
    IT Consulting Specialist
    IBM
    Coppell TX
    ------------------------------

    Original Message


  • 4.  RE: CP4Automation LDAP login error

    Posted Thu July 23, 2020 08:04 PM
    Ok, so it might just be a connection issue.  Questions:

    1. Is your PHP LDAP running as a container inside the same Kubernetes cluster as your CP4A deployment?  If yes, are you connecting using the service endpoint of the OpenLDAP?  Can you provide your connection info of PHP LDAP here?

    2.  Or are you running PHP LDAP as a standalone application outside of the Kubernetes cluster?  If yes, there are network policies that you have to take into consideration.

    ------------------------------
    Vincent Le
    Cloud Pak for Automation Development
    IBM
    Costa Mesa CA
    ------------------------------

    Original Message


  • 5.  RE: CP4Automation LDAP login error

    Posted Thu July 23, 2020 08:05 PM
    Can you also give me your ACCE URL here?

    ------------------------------
    Vincent Le
    Cloud Pak for Automation Development
    IBM
    Costa Mesa CA
    ------------------------------

    Original Message


  • 6.  RE: CP4Automation LDAP login error

    Posted Thu July 23, 2020 08:13 PM
    I just looked at the Operator code and realize that the PHP LDAP is something that the Operator deployed as part of the "demo" (evaluation) deployment.  Let me check with the team to see what the issue here and why you're unable to login as "cn=cp4admin".

    ------------------------------
    Vincent Le
    Cloud Pak for Automation Development
    IBM
    Costa Mesa CA
    ------------------------------

    Original Message


  • 7.  RE: CP4Automation LDAP login error

    Posted Thu July 23, 2020 08:23 PM
    Yes, you are correct. The LDAP was deployed using the IBM Operator which comes with CP4Automation for Kubernetes. All the pods are running in the same cluster. The URL for ACCE is https://cpe-cp4a-demo1.apps.federal.pub.ibm.gsc/acce/.
    In installed CP4Automation as demo/evaluation copy and was able to deploy an old case template but it requires some extra users to access the case pages.

    ------------------------------
    Pandian Mariadoss
    IT Consulting Specialist
    IBM
    Coppell TX
    ------------------------------

    Original Message


  • 8.  RE: CP4Automation LDAP login error

    Posted Thu July 23, 2020 08:29 PM
    There are user1 through user10 (not sure if you can use those users) for your use cases.

    ------------------------------
    Vincent Le
    Cloud Pak for Automation Development
    IBM
    Costa Mesa CA
    ------------------------------

    Original Message


  • 9.  RE: CP4Automation LDAP login error

    Posted Thu July 23, 2020 10:14 PM

    Ok, can you try:

    "cn=admin,dc=example,dc=org" to login to LDAP admin console, and you can find the admin secret from cluster. The secret name is "{{ meta.name }}-openldap-secret" (replace "{{meta.name}}" with the meta.name's value defined in the final CR yml file and it looks like your meta.name is "cp4a-demo1"). The password key in secret is "LDAP_ADMIN_PASSWORD".



    ------------------------------
    Vincent Le
    Cloud Pak for Automation Development
    IBM
    Costa Mesa CA
    ------------------------------

    Original Message


  • 10.  RE: CP4Automation LDAP login error

    Posted Thu July 23, 2020 11:39 PM
    Thanks. That helped. I was able to login. The secret file name is 
    icp4adeploy-openldap-secret


    ------------------------------
    Pandian Mariadoss
    IT Consulting Specialist
    IBM
    Coppell TX
    ------------------------------

    Original Message


Related Content