Passthrough authentication fails with AD read write (PE2) when using any attribute other than user DN for authentication

  • 7011163
  • 17-Jul-2012
  • 02-Nov-2012

Environment

NetIQ Access Governance Suite

Situation

Passthrough authentication fails with AD read write (PE2) when using any attribute other than user DN for authentication

Resolution

By default, the AD full connector uses the user DN as the authentication attribute. To use any other attribute as the authentication attribute for pass-through authentication in Access Governance Suite, apply AD PM patch 5.1.00.207 and add the search attribute filter to the MSCSPARM file, as below:
SEARCH_ATTRIBUTES
e.g.:
MSName SEARCH_ATTRIBUTES sAMAccountName,cn