• State Not Answered
  • Locked Locked
  • Replies 0 replies
  • Subscribers 37 subscribers
  • Views 2777 views
  • Users 0 members are here
Options
Related
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Error find user

ewoki
over 6 years ago

We have installed Password Manager 5.7 on Windows Server 2016 with two domain connections (domains in the same AD-Forest). In PMAdmin we have set in "General settings" - "Search and Logon Options" the following settings:

selected: Do not allow users to search for their accounts

selected: Show the domain list to allow users to select their Domain

not selected: Users must enter their logon names for identification

selected: Users must enter the following user account attribute for identification (this may slow down the performance): userPrincipalName

 

The userprincipalname of the testuser test@child1.local is unique in the hole forest. But if the settings are set like above, the search for a user in http://localhost/PMUser/ gives the following error message:

"No matching accounts have been found. Check your user name and try again."

In the log of the Password Manager log you can see the following lines:

"2017-07-05 06:23:07:311 E [1828:9] QPM.Service.Workflow4.dll WorkflowContext.CriticalError() >> Activity Identification critical error:
2017-07-05 06:23:07:343 E [1828:9] QPM.Service.Workflow4.dll WorkflowContext.CriticalError() >> Error Status: Error.UserIdentificationFailed.Status
Error Message: No matching accounts have been found. Check your user name and try again.
Error Description: Found more than one user with userPrincipalName 'test@child1.local'
Error Exception: QPM.Common.Exceptions.FoundMoreThanOneException: Found more than one user with userPrincipalName 'test@child1.local'
   at System.Activities.Statements.MethodExecutor.InvokeAndUnwrapExceptions(Func`3 func, Object targetInstance, Object[] actualParameters)
   at System.Activities.Statements.MethodResolver.SyncMethodExecutor.BeginMakeMethodCall(AsyncCodeActivityContext context, Object target, AsyncCallback callback, Object state)
   at System.Activities.Statements.MethodExecutor.BeginExecuteMethod(AsyncCodeActivityContext context, AsyncCallback callback, Object state)
   at System.Activities.AsyncCodeActivity.InternalExecute(ActivityInstance instance, ActivityExecutor executor, BookmarkManager bookmarkManager)
   at System.Activities.Runtime.ActivityExecutor.ExecuteActivityWorkItem.ExecuteBody(ActivityExecutor executor, BookmarkManager bookmarkManager, Location resultLocation)"

If we change the settings in PMAdmin of "Show the domain list to allow users to select their Domain" and select this, the search for the user was successfully.

If we change the settings in PMAdmin from "Do not allow users to search for their accounts" to "Allow users to search for their accounts", you can see the same user (userPrincipalname) multiple times.

How we can setup the user search, that the user has to enter only his userprincipalname without choosing his domain (he doesn't know this) and can use Password Manager via PMUser. "Allow users to search for their accounts" is no option to use in the live system.

Could it be, that this is a bug in the 5.7 release?