How to get Console LDAP operators to be able to login after moving the users to new OUs and groups
Functionality not yet available.
Work-around is listed below:
1. Backup the database.
2. Using SQL Server Management Studio by querying for the current LDAP distinguished name. The following query can obtain this information, replace "USERTOCHANGEDN" with the name of the user in the database table. Copy the data that results from the running of the query by right clicking and copying it to a text file.
select LdapDN from dbo.USERINFO where Username = 'USERTOCHANGEDN'
3. Obtain the new distinguished name using LDAP Explorer or Active Directory.
4. Using SQL Management Studio click the New Query button and use the following query replacing the "NEWLDAPDN" with the new distinguished name obtained in step Replace the "OLDLDAPDN" with the results
update userinfo set LdapDN = 'NEWLDAPDN' where LdapDN =
5. On the TEM Server do the following:
a.Go to a command prompt and navigate to your BES Server directory (C:\Program Files\Bigfix Enterprise\BES Server by default.)
b. Run the following command "besadmin.exe /resignsecuritydata"
Tivoli Endpoint Manager