Console LDAP operators cannot login after moving the users to new OUs and groups

Technote (FAQ)


Question

How to get Console LDAP operators to be able to login after moving the users to new OUs and groups

Cause

Functionality not yet available.

Answer

Work-around is listed below:

1. Backup the database.

2. Using SQL Server Management Studio by querying for the current LDAP distinguished name. The following query can obtain this information, replace "USERTOCHANGEDN" with the name of the user in the database table. Copy the data that results from the running of the query by right clicking and copying it to a text file.

use BFEnterprise
select LdapDN from dbo.USERINFO where Username = 'USERTOCHANGEDN'

3. Obtain the new distinguished name using LDAP Explorer or Active Directory.

4. Using SQL Management Studio click the New Query button and use the following query replacing the "NEWLDAPDN" with the new distinguished name obtained in step Replace the "OLDLDAPDN" with the results

use BFEnterprise
update userinfo set LdapDN = 'NEWLDAPDN' where LdapDN =
'OLDLDDN"

5. On the TEM Server do the following:
a.Go to a command prompt and navigate to your BES Server directory (C:\Program Files\Bigfix Enterprise\BES Server by default.)
b. Run the following command "besadmin.exe /resignsecuritydata"

Product Alias/Synonym

Tivoli Endpoint Manager

Rate this page:

(0 users)Average rating

Document information


More support for:

Tivoli Endpoint Manager

Software version:

8.2

Operating system(s):

Windows, Windows 2000, Windows 2003 server, Windows 2008 server, Windows 64bit, Windows 7, Windows Vista, Windows XP

Reference #:

1605241

Modified date:

2014-07-08

Translate my page

Machine Translation

Content navigation