Kace1000 Service desk question
Hi - I was able to sync Kace with LDAP and import all the users over to KACE. Now, when user logs in with their network login/password, KACE creates a duplicate account in KACE with ADMIN rights by default (completely ignoring there is an existing account). I have 2 questions.
1. 1. Where do I change the settings so it doesn’t create duplicate accounts?
2. 2. When a new user logs in to KACE the very first time, I want it to receive USER rights by default not ADMIN rights. How do I change that?
Thanks
Answers (3)
The accounts that are duplicated, where they created manually? The items created from ldap should have the account name then (LDAP) after it. As far as creating them all as Admins in the control panel>user authentication. Look at your servers and make sure the role they are being assigned is not Admin
Comments:
-
Duplicate account gets created right after they login the very first time and it does say LDAP after it. Existing account (the one I imported) also says LDAP in front of it. I don't think it even recognize there is an existing account with the same name. - khanman74 11 years ago
-
During the import process you should be able to select the mapping for the user account. Select objectguid next to ldap uid. - Timi 11 years ago
I think your issue may be the order of your LDAP Authentication.
Check Settings -> User Authentication
First, the radio button for LDAP Server Authentication should be selected.
Second, "Admin Server" should be listed above "User Server"
If it's not, click the green up arrow on Admin server.
Timi is right its the mapping
You want the LDAP UID field to be something that is static. The best choice for this would be objectguid. Having this field mapped to a static attribute will ensure that duplicate users are not created should you need to change some of the other associations for the User Record.
If it isnt set this way you will get duplicate users.
The order of the servers only effects logon speed
