Directory not trusted

Problem

uas3_diag log shows error message: directory not trusted

Solution

This error indicates that an ldap:// address has been used in a configuration, but the LDAP server is not trusted by the authentication method. For direct directory mapping from an authentication method, the authentication method must contain the LDAP hostname in the directory attribute of ubiloginConfString.

For example, to map TUPAS users to external directory users in the LDAP ldap://example.com/, each TUPAS authentication method in the hierarchy CN=Server,OU=System,CN=Ubilogin must have a multi-value attribute ubiloginConfString, with a value directory ldap://example.com/.

This can be verified with an LDAP browser tool as shown below.

Figure 2. Verifying external directory trust for a TUPAS authentication method

Related articles

• Page:
  Ticket validation error: Invalid Property: AuthnRequest: Signature: REQUESTER for unsigned SAML requests
• Page:
  "Remove" button not working for remove role functionality issue in CID
• Page:
  "The password can not be reset at this time" Error in password-reset application for CustomerID User
• Page:
  Unable to get data source: CustomerID SQL DataSource
• Page:
  SAML Compatibility Flags