To improve the detection of expired passwords and to overcome some connection problems in multiple LDAP server configurations, starting from version 8.7.0, it has been added a restriction to LDAP server configuration.
In particular, the NetBIOS Name parameter must be compliant with the Domain Name(pre-Windows 2000).
The NetBIOS Domain name indicated on the LDAP server configurations:
Must be the one indicated as Domain name (pre-Windows 2000) on the Active Directory Users and Computers (the Microsoft Management Console you use to administer Active Directory)..
Checking compatibility with ThinMan Server 8.7.0
To avoid possible failures on ThinMan Login, Smart Identity, ThinMan Access Control and/or User Policy after upgrading ThinMan server to version 8.7.0, the upgrade setup verifies whether some LDAP configurations have non-complaint names.
If the setup finds any "incorrect" LDAP configuration, it will appear a message similar to the one shown below.
Proceed by clicking on Cancel Update and follow the steps explain below.
ΒΆ How to proceed when non-compliant NetBIOS Domain names have been detected
Follow these steps to troubleshoot the LDAP server configurations and proceed with the upgrade:
-
Install version 8.6.4, which allows the use of non-compliant NetBIOS Name parameters.
-
Since the NetBIOS Domain name is not editable, it is necessary to duplicate the LDAP server.
A pop-up window will appear warning that the LDAP server will be duplicated with another name that you will need to indicate. It also informs that all links to objects where the server is used will also be copied (e.g. a ThinMan Login policy).
Click on Yes to proceed.
Write the correct NetBIOS Domain name and click on Save.
Finally, click on OK to close this window. -
Test the functionality of the new LDAP instance by using the new instance to run ThinMan Login, SmartIdentity, User policy and/or log-in to the ThinMan Console.
E.g. open the ThinMan Login policy.
Deselect the LDAP server with NetBIOS Domain name non-compliant.
Verify the ThinMan Login, SmartIdentity, User policy and/or log-in to the ThinMan Console works properly. -
Remove the non-compliant instance.
It will be warned that by removing the LDAP server, all links (ThinMan Login, ThinMan Smart Identity, User Policies, ThinMan Access Control) to this LDAP server will be removed*
\ -
Proceed with the update of ThinMan to version 8.7. When the upgrade finishes, it will show a warning indicating that the LDAP Server management has been updated.
-
If you are using the LDAP server function, we highly suggest to check the LDAP Server connections by accessing the console with an Administrator user. It will appear a message similar to the one below. Click on Proceed to continue.
If you want to verify again whether all LDAP connections work properly, click on Retry. -
Finally, verify the functions that use the LDAP servers (ThinMan Login, Smart Identity, ThinMan Console login, user policies) work properly.