ELMA365 Store solutions > Active Directory/LDAP / AD/LDAP troubleshooting

AD/LDAP troubleshooting

This article describes the most common issues and errors that may occur when setting up and operating the AD/LDAP modules.

  1. Issue: when saving the module’s settings, there are no error notifications, yet when clicking Import in Administration > Users, the user list doesn’t appear as it should.

This happens if the User import filter or Path to users parameters are filled out incorrectly. The specified filter doesn’t return users, or users are not found at the specified location.

Solution: check the User import filter and Path to users parameters and make sure that there are users at the specified location on the AD/LDAP server.

  1. Issue: imported users cannot sign in to ELMA365.

This may happen in the following cases:

    • The value of the Logon name format field in the AD/LDAP module’s settings is invalid.
    • Your server doesn’t support authentication with this logon name format.
    • The Login field on the authentication page is filled out incorrectly.

Solution: the system administrator needs to edit the logon name format according to the table and check authentication with all the login formats.

  1. Issue: users locked in AD/LDAP do not get automatically locked in ELMA365.

Solution: to lock users automatically, do the following:

    • Make sure that auto-sync is enabled in the module’s settings.
    • Make sure that the locked user meets the conditions of the User import filter. Go to Administration > Users > Import > AD/LDAP Module and run search to find the user. If the user is not found, this means that they don’t meet the filtering conditions. Go to the module’s settings and edit the filter so that it includes locked users.
  1. Issue: it is necessary to edit the full name of an imported user in ELMA365.

Solution: how the name can be changed depends on the Auto-sync parameter:

    • If it is enabled, the name has to be changed on the AD/LDAP server.
    • If it is disabled, you can change the name directly in ELMA365 by clicking Edit in the user’s profile.
  1. Issue: it is necessary to change the login of an imported user.

Solution: to change a user’s login, you need to change the parameter used for importing the login on the AD/LDAP server, for example, sAMAccountName. If auto-sync is on, the login in ELMA365 will be updated automatically. If auto-sync is disabled, you will need to re-import the user.

  1. Issue: by mistake, external users were imported as internal users or vice versa.

Solution: if you’re using ELMA365 On-Premises, you need to restore the backup copy of the system that was made prior to the user import. Then run the import again. For ELMA365 SaaS, user import is irreversible.

  1. Issue: with auto-sync on, test accounts, printers, etc. have been imported into ELMA365 as internals users.

User import is an irreversible process. We do not recommend unnecessarily enabling auto-sync.

Solution: you can hide the accounts imported by mistake from the list of active users. Use one of the following options:

    • If auto-sync is enabled in the module’s settings, lock the accounts in AD/LDAP. After the next sync, the accounts will be locked in ELMA365, too.
    • If auto-sync is disabled, in ELMA365 go to Administration > Users > Import > AD/LDAP Module and lock the users. If you enable auto-sync later on, these users will remain hidden from the list of active users, but will be assigned the Data does not match status.

Please note that if a user remains active in AD/LDAP, they will be unlocked when imported to ELMA365 during the next import.

  1. Issue: users moved to another domain or forest in AD/LDAP cannot sign in to ELMA365.

Solution: there are two possible solutions:

    • In the settings of the AD/LDAP module, update the Path to users or User import filter parameter.
    • In AD/LDAP, move the user back to the initial domain or forest.

Found a typo? Highlight the text, press ctrl + enter and notify us