Affected Versions: 25.1.6.0 through 26.0.2.0Status: Known Issue – Fix targeted for 26.0.3.0 Summary: You may see LDAP/AD users – especially child‑domain users – fail authorization even though the LDAP connection appears successful. Overview In ExacqVision Server versions 25.1.6.0–26.0.2.0, some LDAP/Active Directory environments may experience authorization failures, typically shown as: Query Authorization failedNot Authorized in LDAP… Continue reading LDAP / Active Directory Authorization Failures & Log In Failures when using ExacqVision Server 25.1.6.0–26.0.2.0
Tag: Active Directory
Child‑domain users fail SSO/LDAP authorization on specific versions of Exacq Server software
Issue Summary After upgrading to certain versions 25.1.6.0 or later, environments with multi‑domain Active Directory or configurations using Global Catalog over SSL (port 3268,3269) may see child‑domain users fail to authenticate via SSO/LDAP. Typical symptoms Exacq Client can query child domain groups, but child domain user query fails.Login attempts show “Not Authorized in LDAP.” “Auth… Continue reading Child‑domain users fail SSO/LDAP authorization on specific versions of Exacq Server software
Configuring Exacq Enterprise Manager (EM) for Active Directory (LDAP/LDAPS) and Global Catalog
Warning: Level 2 – Please do not distribute. Audience: Level 2 Support Applies to: Exacq Enterprise Manager (EM), AD Integration, Multi-domain Forests 1. Overview This KB describes how to configure Exacq Enterprise Manager (EM) to authenticate against Active Directory. It includes LDAP field requirements, recommended filters, and how to enable forest-wide authentication with the Global… Continue reading Configuring Exacq Enterprise Manager (EM) for Active Directory (LDAP/LDAPS) and Global Catalog
LDAP connection requirements
Description:- In order to succeed in the remote client authentication via LDAP, We will need to make sure that we have the following three points. The way Kerberos tickets work is that we need all three points able to see and connect to each other, so we need to check these requirements before establishing the… Continue reading LDAP connection requirements
ExacqVision Server and Client support LDAP authentication with Azure Active Directory
Azure Active Directory supports the LDAP interface when properly configured, and therefor LDAP can be used to sync the ExacqVision software stack with the Azure AD instance. Background Information: Lightweight Directory Access Protocol (LDAP) is an application protocol for working with various directory services. Directory services, such as Active Directory, store user and account information,… Continue reading ExacqVision Server and Client support LDAP authentication with Azure Active Directory
Enterprise Manager supports LDAP authentication with Azure Active Directory
Azure Active Directory supports the LDAP interface when properly configured, and therefor LDAP can be used to sync the ExacqVision Enterprise Manager software with the Azure AD instance. Background Information: Lightweight Directory Access Protocol (LDAP) is an application protocol for working with various directory services. Directory services, such as Active Directory, store user and account… Continue reading Enterprise Manager supports LDAP authentication with Azure Active Directory
exacqVision Enterprise Manager Domain User Search Fails Even After Authenticating With AD
Searches in EM fail after authenticating to AD. When they do a search to add a new user, it will not search or filter by the users name or says ‘no results found’ Solr Apache is reporting a corruption with the indexed files, so we cleared the indexed data and recreated it. Linux Steps…1. Reboot… Continue reading exacqVision Enterprise Manager Domain User Search Fails Even After Authenticating With AD
Server & Client and Active Directory
Automatic creation of Service Principal Name (SPN)
Starting with exacqVision 7.2, the server has the ability to automatically create its own service principal name (SPN). A valid SPN is required in order to enable single-sign-on. To enable this feature: Check the box next to “Permission to create SPN” on the LDAP/Active Directory settings page.Verify with your domain admin that the bind account… Continue reading Automatic creation of Service Principal Name (SPN)
Active Directory & LDAP Best Practices
Introductiona. Benefits of Integrationb. exacqVision Server must have Enterprise licensec. Use groups on domain 1.exacqVision to AD/LDAP Data Flow 2.Configuration 3.Troubleshooting 1. Introduction For an organization using Active Directory (AD) for user management of information technology services, integrating exacqVision into the AD infrastructure can greatly simplify continuing maintenance of user access to your video management… Continue reading Active Directory & LDAP Best Practices