Hi Marcus,
I think you are right, there is definitely something wrong with the LDAP/AD integration ... But I don't know what 😕
I think it must be at least partly an OCUM application problem, because I see similar behaviour to what you describe in the VMware based OCUM appliance package.
On a newly installed 7.1P1 VMware based OCUM system I can no longer log in using an AD account.
Remote authenticated login _did_ work initially, after the installation, immediately after remote authentication was enabled. But now it fails for no obvious reason.
In the OCUM audit.log file I see errors like this:
Apr 07 13:27:32 [:NOTIC]::WEB:err:[127.0.0.1]::Authentication failed for xxxx_x_xxxxxxx [org.springframework.security.web.authentication.WebAuthenticationDetails@fffed504: RemoteIpAddress: 127.0.0.1; SessionId: K1uEbUk2c490MaATo4GdPITo]: org.springframework.security.authentication.BadCredentialsException: Authenticating token for ldap user not successful.
Ironically the "Test Authentication" button in the OCUM Web UI works every time. It returns success, along with convincing information about the attributes and group membership of the account name tested.
A second older OCUM server (also VMware based, version 7.1, upgraded from 6.x), configured with exactly the same remote auth configuration and authenticating against the same AD server, functions normally. Using the same user account name I can log in to that server without any problem.
Go figure 😕
BTW, you are right, something also goes wrong in the Web UI when you answer "no" to "do you want to save your changes".
Cheers,
Robb.