UCMDB 10.33 with LDAP Integration Fails to Return Related CIs

  • KM03064840
  • 02-Jan-2018
  • 23-Aug-2018

Summary

LDAP user failed to get the related CIs, using normal user we are able to use this option correct.

Question


When UCMDB 10.33 (on Windows) is integrated with LDAP (supported by ActiveDirectory), users do "not have permissions to to get related CIs from DB".
The use case... Two users: one is based on LDAP-authentication, second is a local UCMDB user. Both have the same exact roles and permissions (as compared in Security->User and Groups).
Once logged in, the user navigates to the "IT Universe Manager". After any (random) search and selecting any (random) CI, the CMDB-base user will see the expected property details and Top Layer pane.
The LDAP-based user sees an error message ("The selected CI does not have permissions to get related CIs from the DB") in the Top Layer pane. The details pane still only contains the "Select a CI to view its details".
It does NOT matter which CI or CIT I try to view.

Answer

Solution:
1 - customer is using a group named Admins
2 - checked the assigned roles used for the group
3 - remove discovery and integrations admin from the selected roles
4 - After that the issue was resolved.