Misc
LDAP Response Read Timed Out
Issue After upgrading to 6.4.7.x, customer is experiencing various LDAP timeouts. One example: unable to search for user's to add to link/tile objects from webAdmin's Link-Menu Admin interface. Two seconds after clicking the search button, a stack ...
Rights for relayuser and directory services user
The relayuser account can be renamed and moved. If it is renamed, then you have to go into the 8090 console under the relay properties and tell it the new name. What rights does the relayuser account need? The relayuser account needs to have access ...
Slowness during login
Customer noticed that after a while logins slowed way down. What are the things to check ? 1) Check if the relay object has logging turned on. a. If it is turned on, then check if it is configured for a DB. i. If it is configured for a database, ...
Testing Microsoft Active Directory DNS
Stoneware has put together a few internal tools for doing some tests. From the directory configuration tab in the 8090 console click the Advanced check box to show the Run Environment Check. Using swTestTools ...
LDAP Error Codes
AcceptSecurityContext error, data 52e means "bad password" AcceptSecurityContext error, data 525 means "bad user name" AcceptSecurityContext error, data 773 means "password expiring" or similar. Standard error codes Standard LDAP errors Error / data ...
How webNetwork authenticates against LDAP / AD / eDirectory
webNetwork uses LDAP to talk to Microsoft Active Directory and Novell eDirectory. It will do a search and the FIRST entry that matches is returned and the password supplied it tried against that user object. webNetwork does not store the users ...
Enable directory cache to speed up login times.
To help speed up things webNetwork has a feature called Directory Cache. This is turned on in the 8090 console loader under Directory Services. Typically create a c:\stoneware\config\dircache and then set the cache dir to this path, and set the ...
Account Locked message
User is getting a message when logging into webNetwork that says : Account Locked This means that the directory ( Microsoft Active Directory or Novell eDirectory ) has detected too many invalid logins and has locked the account for intruder attempts. ...
Packet capture of LDAP on Linux / Unix
How can I do a packet trace to capture the LDAP communication between webnetwork and microsoft active directory. Webnetwork is running on a Mac OSX or linux system. The following URL shows how to use the command line tcpdump to do a packet trace. ...
Can I specify more than one LDAP server in the directory services configuration
If you are using eDirectory then putting ldap1.example-cloud.com,ldap2.example-cloud.com will tell webNetwork to use ldap1 server until such time that the LDAP port responds. If it stops responding then it will flip to ldap2. It will stay at ldap2 ...
How to assign an External User to an object
If external users are not configured already (you don't see a sw-External-Users in webadmin (left side in the tree view) then a external directory has to be installed like OpenDS and configured in the 8090 console first. If it is already configured, ...
What attributes change during a login to webNetwork
Upon login the following attributes get updated in the directory during a normal login. swareIPAddresses - IP Address of the users machine swareLastLogin - Date / Time of login swareVisits - increment the number of logins to webNetwork Optionally ...
How to configure RADIUS 2nd factor authentication
Problem: Would like to setup RADIUS (token) authentication as a 2nd factor authentication method. Prerequisite(s): RADIUS server IP/port# RADIUS server secret key Access to Server Management console (8090 console) Solution(s): It's important to ...
How to read Env Check utility output
Problem: Running the Env Check utility (aka Environment Check) for installation or troubleshooting and the tool is reporting errors. Solution(s): Here are some of the common errors and possible solutions. Error: The connection attempt timed out SSL ...
Creating a directory service account
Problem: Need to create service account for directory services (LDAP) connection. Cause: Unified Workspace uses a "proxy" style account to be able to integrate into your directory. This proxy account is the only user that accesses the LDAP server ...
Speed up object creation in Novell eDirectory
Issue: How can I speed up the creation of objects? I have directory caching enabled, and I also have several LDAP indexes. Am I missing something? Solution: Webnetwork is only as fast as your directory is. There are many different tuning techniques ...
UW Active Directory Modifications
Issue: How does Lenovo Unified Workspace affect Active Directory and specifically the Schema? Solution: Why does UW need to extend the Schema of AD? Please see the following KB article for a full explanation: ...