15302 - Error: Access denied for user@domain when using LDAP as the authentication provider

Usage Note 15302: Error: Access denied for user@domain when using LDAP as the authentication provider



The following error may be seen in the Metadata Server log file when 
using LDAP as the authentication provider. 
 
  Error:  Access Denied. 
  New client connection (10) rejected from server port 8561 for user 
  user@domain. 
 
This problem has been encountered when the person entry LDAP attribute 
that stores the user ID contains "cn" instead of the default value of 

"uid". 
 
To correct the problem, set the environment variable, LDAP_IDATTR, to 
the value of "cn" and restart the Metadata Server. 
 
On Windows the variable can be set in the Metadata Server configuration 
file located by default in c:SAS&ltplan filename>Lev1 
SASMainMetadataServersasv9_MetadataServer.cfg where &ltplan filename> is 
the name of the plan.xml file used during installation. 
 
For example: 
 
   -set LDAP_IDATTR "cn" 
 
On UNIX the variable can be set in the the MetadataServer.sh shell 
script located in .../Lev1/SASMain/MetadataServer/ MetadataServer.sh. 
 
For example: 
 
   LDAP_IDATTR="cn" 
   export LDAP_IDATTR 
 
For instructions on setting environment variables on Z/OS, see 
Implementing Alternative Authentication Providers in the SAS® 9.1.3 
Integration Technologies:  Server Administrator's Guide for instructions 
on setting environment variables on Z/OS.

Operating System and Release Information

Product Family	Product	System	SAS Release
Product Family	Product	System	Reported	Fixed*
SAS System	SAS Metadata Server	Microsoft Windows XP Professional	9.1 TS1M3
		Microsoft Windows NT Workstation	9.1 TS1M3
		Microsoft Windows Server 2003 Enterprise Edition	9.1 TS1M3
		Microsoft Windows Server 2003 Standard Edition	9.1 TS1M3
		Microsoft Windows Server 2003 Datacenter Edition	9.1 TS1M3
		Microsoft Windows 2000 Server	9.1 TS1M3
		Microsoft Windows 2000 Professional	9.1 TS1M3
		Microsoft Windows 2000 Advanced Server	9.1 TS1M3
		Microsoft Windows 2000 Datacenter Server	9.1 TS1M3
		64-bit Enabled Solaris	9.1 TS1M3
		z/OS	9.1 TS1M3
		Linux on Itanium	9.1 TS1M3
		HP-UX IPF	9.1 TS1M3
		64-bit Enabled AIX	9.1 TS1M3

* For software releases that are not yet generally available, the Fixed Release is the software release in which the problem is planned to be fixed.

Type:	Usage Note
Priority:
Topic:	System Administration ==> Servers ==> Metadata

Date Modified:	2005-05-23 16:19:11
Date Created:	2005-05-23 16:19:11

Support

Usage Note 15302: Error: Access denied for user@domain when using LDAP as the authentication provider

Operating System and Release Information