AD user authentication failing while ordering a service from global region

Solution Verified - Updated -

Issue

  • In global region, AD user is not able to order a service.
  • We setup a global and a subordinate region to authenticate users from Active Directory, doing a group lookup from the exact same AD group. We can log on to both regions fine. From a subordinate region, using our AD account we can order an instance from a catalog fine.
    From a global region we can order an instance from a catalog using a local account. However, if we log in to the global region using our AD account we cannot order.
  • Error in global region evm.log:

    [----] W, [2018-06-15T10:08:15.176321 #2189:3e8b61c]  WARN -- : MIQ(MiqLdap#_search) LDAP Search unsuccessful, 'No Such Object', Code: [32], Host: [**ansible removed sensitive**.**ansible removed sensitive**]
    [----] W, [2018-06-15T10:08:15.176990 #2189:3e8b61c]  WARN -- : MIQ(Authenticator::Ldap#**ansible removed sensitive**thorize) Authentication failed for userid cn=dfb670@**ansible removed sensitive**.**ansible removed sensitive**,ou=admins,dc=**ansible removed sensitive**,dc=**ansible removed sensitive**,dc=**ansible removed sensitive**,dc=**ansible removed sensitive**, unable to find user object in LDAP
    [----] W, [2018-06-15T10:08:15.209399 #2189:3e8b61c]  WARN -- : <AuditFailure> MIQ(Base.block in **ansible removed sensitive**thorize) userid: [cn=dfb670@**ansible removed sensitive**.**ansible removed sensitive**,ou=admins,dc=**ansible removed sensitive**,dc=**ansible removed sensitive**,dc=**ansible removed sensitive**,dc=**ansible removed sensitive**] - Authentication failed for userid cn=dfb670@**ansible removed sensitive**.**ansible removed sensitive**,ou=admins,dc=**ansible removed sensitive**,dc=**ansible removed sensitive**,dc=**ansible removed sensitive**,dc=**ansible removed sensitive**, unable to find user object in LDAP
    

Environment

  • Red Hat CloudForms 4.6
  • Active Directory

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content