You are viewing limited content. For full access, please sign in.

Question

Question

Adding Laserfiche Directory Users to Repository when LFDS server is on another computer

Laserfiche Directory Server Web Client Administration
Updated November 19, 2021
asked on May 29, 2019 Show version history

I am trying to add Laserfiche Directory Users to the Laserfiche Administration Console, the locations available to me are 'lfds' although after inputting a user query i get the following error as the LFDS server is on another computer.. I have STS setup successfully and can authenticate into forms etc although cannot add users from the LFDS to the repository to assign rights. How would I add a new location to the add directory users? I am running the latest version of Laserfiche 10.4,

Thanks in advance!

Error Code: 9357
Error Message: LDAP query could not be completed. [9357]

------------ Technical Details: ------------

LFSO:
    Call Stack: (Exception)
        CLFDirectorySearcher::ThrowLastError
    Additional Details:
        HRESULT: 0xc004248d (CLFDirectorySearcher::ThrowLastError, lfdirectorysearcher.cpp:330)
         (LFSO/10.4.0.63)
LFCommonDialogs104.dll (10.4.0.103):
    Call Stack: (Current)
        CLFObjectPickerMain::FindLDAPAccounts
        CLFObjectPicker::DoPicker
    Call History:
        CLFObjectPicker::DoPicker
         CLFObjectPickerLocationTreeCtrl::GetDefaultPath
         CLFObjectPickerLocationTreeCtrl::InitializeCtrl
         CLFObjectPickerLocationTreeCtrl::GetSelection
         CLFObjectPickerMain::FindLDAPAccounts
        CLFObjectPicker::DoPicker
         CLFObjectPickerLocationTreeCtrl::GetDefaultPath
         CLFObjectPickerMain::FindLDAPAccounts

 

Capture.PNG
Capture.PNG (15.19 KB)
Download
2 0

Answer

SELECTED ANSWER
replied on May 29, 2019

Christian,

 

To be able to utilize Laserfiche Directory Accounts this way, the Laserfiche Application Server & Directory Server machines need to be on the same domain (or there should be trust between the domains if they are on different domains).

Is your Laserfiche Server & Directory servers on the same domain? 

2 0
View 2 previous replies
replied on May 29, 2019 Show version history

Hello Karim,

 

Thank you for your response. The LFDS and Application Server are on seperate domains although have a certificate trust setup to allow authentication through STS to the Laserfiche applications and this works fine. Am i not able to add the LFDS users to the repository this way?

1 0
replied on May 29, 2019

From my understanding, there needs to be a two-way trust between the Laserfiche Server & LFDS domains in this case for it to work.

0 0
replied on May 29, 2019

I agree that is definetly the case, and i have this two way trust setup already. The problem is finding where i can configure this setting that is defaulting to the local LFDS, there must be a config file or utility to use an external lfds through editing the hostname or by using the STS server, just no luck finding this

replied on May 29, 2019

I have this trust setup for other application using the XMLEndpointUtilities to edit the config files and add certificates to assure this trust? Do you know how to enable this trust for the laserfiche admin console to access the LFDS Users?

Thanks!

0 0
replied on May 29, 2019

As long as the trust exists at the Windows Domain/network level, there shouldn't be be any additional configurations for the Laserfiche Administration console.

 

Perhaps try a simple test. Let's assume LFS is on DomainA and LFDS is DomainB. Create a Windows User in DomainB, add it to LFDS then Add it to the Laserfiche Administration Console for LFS on DomainA. Then try login to Laserfiche Desktop Client with this account from DomainB using Windows Authentication. This should at least confirm the two-way Domain Trust.

1 0
replied on May 30, 2019

Thank you i misunderstood the domain trust and i see what you mean now! Thank you very much! This will almost certainly solve the problem 

0 0

Replies

replied on November 18, 2021

Hi, We have the same error being reported. In our situation, although LFDS and the LF Server are hosted on 2 different VM Servers, they are both on the same domain. 

We are running Laserfiche Directory Server Version 10.4.4.444. 

And definitely was able to add LFDS users to the repository in the past, but it seems that the issue only started after the upgrade to LF 10.4

What I have noticed is that when I have a LF Server running 10.4 as well, then it is able to query and successfully add the LFDS user to the repository. We do however have a couple Production servers that is still in the process of being upgraded from 10.2, and on these Servers, we get the same LDAP message listed in this post. So for us the problem seems to be related to the different in versions. Could this actually be the problem? and if so, is there a possible work around? We are not quote ready to upgrade the effected LF Servers to 10.4 are there is still some testing to be done, but I have Users that need to get access. 

 

0 0
replied on November 18, 2021

Hi Vincent,

Your solution provider opened a support case on your behalf for this issue. They mentioned that you're running Laserfiche Server 10.2.1.973.

Please apply the patch from https://support.laserfiche.com/kb/1013972/list-of-changes-for-laserfiche-server-10-2-1-update-3

Notice that one of the fixes included is for the following:

In certain situations, you may receive a "LDAP query could not be completed. [9357]" error message when attempting to retrieve user information from Laserfiche Directory Server. This issue is now resolved. (37476)

Regards

1 0
replied on November 19, 2021

Hi Alexander,

The update listed worked and I was able to proceed with loading the LFDS users. 

Thank you for the follow up. 

0 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Attachments
Related Posts
Loading ...