You are not logged in.
Pages: 1
Hi,
Is there a way to synchronise users created locally in our application with reportserver usersandgroups
Thank you
Offline
Hi Frank,
you can take a look at the LDAP synchronization if you have an LDAP server with your users/groups:
https://reportserver.net/en/guides/scri … sing-LDAP/
https://reportserver.net/blog/2013/08/0 … ntication/
Cheers,
Eduardo
Offline
Hi Eduardo,
Thanks For the reply,
I am in new in this, I have tried the solutions provided in the above links, but failed in executing ldapImport.groovy file,
getting following authentication error
*************************************
Script execution failed.
error message: javax.script.ScriptException: javax.naming.AuthenticationException: [LDAP: error code 49 - Invalid Credentials] (javax.naming.AuthenticationException)
script arguments:
file: ldapimport.groovy (id: 342341, line 457)
line number: 457 (68, 31)
line: loadFromDirectory();
*****************************************
Actually we are trying to set jumpcloud as a ldap service, for importing users from jumpcloud to reportserver. We have made the following changes in the groovy file
----------------------------------
lul.setProviderUrl("ldap://ldap.jumpcloud.com:389");
        lul.setSecurityPrincipal("DC=ldap,DC=jumpcloud,DC=com");
        lul.setSecurityCredentials("user-id");         
      
        lul.setLdapBase("UID=user-id,OU=Users,O=ORG_ID,DC=jumpcloud,DC=com");
--------------------------
Could you please help us to sort out this issue.
Regards
Frank
Offline
Hi Eduardo,
Is there any other possible ways to sync users from an application without the use of LDAP Server?
Regards,
Frank
Offline
Hi Frank,
you could write a script that reads the users from your other system and creates these in reportserver if they don't exist. Do you need a periodic synchronization or a 1-time import?
Cheers,
Eduardo
Offline
Hi Eduardo,
We actually need a periodic synchronisation from our application to ReportServer.
Regards,
Frank
Offline
Hi Frank,
for this, we would recommend using LDAP, as it also offers synchronization (https://reportserver.net/en/guides/scri … sing-LDAP/).
If you don't want to use LDAP, you would have to write your own script (similar as ldapimport.groovy): https://reportserver.net/en/guides/scri … ortgroovy/
Regards,
Eduardo
Offline
----------------------------------
lul.setProviderUrl("ldap://ldap.jumpcloud.com:389");
lul.setSecurityPrincipal("DC=ldap,DC=jumpcloud,DC=com");
lul.setSecurityCredentials("user-id");
lul.setLdapBase("UID=user-id,OU=Users,O=ORG_ID,DC=jumpcloud,DC=com");
--------------------------Could you please help us to sort out this issue.
Hi Frank,
have you been able to connect to the LDAP server? Or do you still got problems ?
lul.setSecurityCredentials("user-id");  // should contain your password. Is this correct ?
lul.setLdapBase("UID=user-id,OU=Users,O=ORG_ID,DC=jumpcloud,DC=com");  // the base directory where the users are going to be searched for. You can try with: 
OU=Users,O=ORG_ID,DC=jumpcloud,DC=com
O=ORG_ID,DC=jumpcloud,DC=com
DC=jumpcloud,DC=com
Cheers,
Eduardo
Offline
Hi Frank,
in https://support.jumpcloud.com/customer/ … es/2439911 I read this:
Configuration Details and Supported Standards
Hostname: ldap.jumpcloud.com
URI: ldap://ldap.jumpcloud.com (clear text or STARTTLS) - OR -
ldaps://ldap.jumpcloud.com (SSL)Ports: 389 (clear text or STARTTLS) - OR -
636 (SSL)LDAPS Client Certificate: If required by your application, see JumpCloud LDAPS SSL Client Certificate
LDAP Distinguished Name: uid=LDAP_BINDING_USER,ou=Users,o=YOUR_ORG_ID,dc=jumpcloud,dc=com
Notes:
This value is found in the user details (See above screenshot)
Your application may not have a field called LDAP Distinguished Name, it may be referred to as the BindDN or may only have a 'username' field paired with a password. This is the correct value for that fieldBaseDN: ou=Users,o=YOUR_ORG_ID,dc=jumpcloud,dc=com
Note: This may also be referred to as SearchDN, Search Base or other similar terminology
So, according to this, your configuration should be:
lul.setProviderUrl("ldap://ldap.jumpcloud.com:389");
lul.setSecurityPrincipal("uid=LDAP_BINDING_USER,ou=Users,o=YOUR_ORG_ID,dc=jumpcloud,dc=com"); // replace LDAP_BINDING_USER and YOUR_ORG_ID with your account details
lul.setSecurityCredentials("******");    //your password
      
lul.setLdapBase("ou=Users,o=YOUR_ORG_ID,dc=jumpcloud,dc=com"); // again, replace YOUR_ORG_ID with your organization id
// if this doesn't work, you can try with:
lul.setLdapBase("o=YOUR_ORG_ID,dc=jumpcloud,dc=com"); // again, replace YOUR_ORG_ID with your organization idPlease let us know if this helps,
Cheers,
Eduardo
Offline
Hi Frank,
testing with jumpcloud I made the following modifications in order for the script to work:
1. Credentials:
lul.setProviderUrl("ldap://ldap.jumpcloud.com:389");
lul.setSecurityPrincipal("uid=LDAP_BINDING_USER,ou=Users,o=YOUR_ORG_ID,dc=jumpcloud,dc=com"); // replace LDAP_BINDING_USER and YOUR_ORG_ID with your account details
lul.setSecurityCredentials("******");    //your password2. change getGUID() in order to return something unique in the jumpcloud LDAP installation, e.g.:
private String getGuid(SearchResult sr) throws NamingException{
	return sr.getName().toString(); //you can also return a unique id analogously as the original script
}3. change your filter:
private String ldapFilter = "(|(objectClass=organizationalUnit)(objectClass=person)(objectClass=posixGroup))";4. change the username property:
//node.setUsername(getStringAttribute(sr, "sAMAccountName"));
node.setUsername(getStringAttribute(sr, "uid")); // set uid or any attribute you have identifying your usernameThis is working for me, I hope this helps.
Cheers,
Eduardo
Offline
just noting that we have the same intention that Frank first posted. Our thread is at https://forum.reportserver.net/viewtopi … 2891#p2891 - with Eduardo's help we're progressing.
Offline
Hi Frank,
pls note we published the ldaptester.groovy script here:
https://github.com/infofabrik/reportserver-samples/
which allows you to safely test your LDAP settings before importing them into the "real" ldapimport.groovy script (or ldap.cf configuration file).
Regards,
Eduardo
Offline
Pages: 1