Skip to main content
Skip table of contents

Cannot log into the Gateway after configuring Active Directory

Problem

Cannot log into the Blue Cedar Gateway after configuring search-order number for Active Directory

Solution

As explained in Step 2: Defining the search order of configured authentication providers, the gateway uses a chain of authentication providers to validate user requests. When a client makes an authentication request, the gateway starts looking at the appropriate auth-group (which is  local) and then the auth-provider with the lowest search-order to validate the request.

If the gateway receives a "No such user or resource" result from the auth-provider, the gateway continues on to the next auth-provider in the sequence until it receives a definitive success or error and then returns the result.

However, if there is a user in the local auth-provider named "Administrator", and the search-order of local is less than the search-order of an Active Directory (AD) server, this can cause the gateway to attempt a query of the AD domain instead of allowing the administrator to log into the gateway.

Configure the auth-provider local with the lowest search-order number, which is 0. This "best practice" helps you avoid the undesired behavior of the gateway when logging in.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.