You are using an unsupported browser. Please update your browser to the latest version on or before July 31, 2020.
close
You are viewing the article in preview mode. It is not live at the moment.
Home > DW Product Help > Software Applications > DW Spectrum IPVMS > LDAP > DW Spectrum - LDAP Troubleshooting Guide & FAQs
DW Spectrum - LDAP Troubleshooting Guide & FAQs
print icon

LDAP Troubleshooting Guide & FAQs

-----------------------------------

Affected Roles: Administrator, Power Users

Related Digital Watchdog VMS Apps: DW Spectrum

Last Edit: May 2, 2025

-----------------------------------

LDAP integration allows System Administrators to link an existing User Database to their DW Spectrum System for access and rights management.

This article will provide answers to questions that are frequently asked regarding LDAP integration as well as a troubleshooting guide when connecting an LDAP server to a DW Spectrum System.

 

FAQs

Question: Why can’t an IP address be used when configuring LDAP in the Desktop Client?

Answer: DW Spectrum supports the FQDN standard. This involves using a domain name to specify the exact location of a system. It is a complete and unambiguous static address of a host or server on the Internet, including its hostname, domain name, and top-level domain (TLD). This ensures that there is no ambiguity about the exact location of the resource being accessed.

 

Question: Can a System be set to periodically poll LDAP for changes and updates?

Answer: DW Spectrum attempts to automatically synchronize with a connected LDAP/AD server once every 10 minutes by default.

 

Question: Why are LDAP users unable to log in to the Web Client until they have successfully logged into the DW Spectrum Client at least once?

Answer: This is currently the way the solution works but there are plans to modify it in an upcoming release to make it simpler to use.

 

Question: When configuring LDAP integration, I cannot specify the domain’s Base DN as a search base, but can specify OU’s underneath the Base DN. Why?

Answer: You cannot filter by OU membership, but you can filter by group membership. To retrieve all users that are members of a specific group, filter on the member or attribute.

For example:

memberOf=CN=Security Users,CN=Users,DC=DOMAIN,DC=LOCAL

 

Question: Does the VMS keep LDAP passwords?

Answer: No, for security reasons, DW Spectrum does not store passwords.

 

Question: Does the LDAP server need to be a part of the same local network as the DW Spectrum Server?

Answer: No, an LDAP server does not need to be on the same LAN as the DW Spectrum Media Server but it does not to be accessible through the Internet (WAN) or through LAN, if on a different subnet.

 

Question: Why can’t I see the LDAP button in the DW Spectrum Client?

Answer: LDAP users with any role assigned are not allowed to modify LDAP server settings. The basic concept is that if they accidentally modify these settings may cause a loss of permission to connect.

 

Question: Why does LDAPS (LDAP over SSL) not work?

Answer: Most likely you will be required to change certificates or to install certificates to both the LDAP server and the DW Spectrum Media Server.

 

Troubleshooting an LDAP Connection

Step 1: Test Your LDAP Server with a 3rd Party LDAP Browser or Client

To first determine if an issue is related to DW spectrum, we recommend you use an alternative LDAP browser or client to connect to your LDAP server from the list below:

 

To install LDAP utilities with Ubuntu Linux, use the command:

sudo apt-get update && sudo apt-get install ldap-utils

 

Example Test

An example test query can look like the one below:

  • URL: ldap://ad.my.domain.com
  • Port: 389
  • DN of an admin: [email protected] or CN=Administrator,CN=Users,DC=my,DC=domain,DC=com
  • Search Base: CN=Users,DC=my,DC=domain,DC=com
  • Password: PaSsWoRd123

ldapsearch -LLL -x -H ldap://ad.my.domain.com:389 -s sub -D [email protected] -b CN=Users,DC=my,DC=domain,DC=com -w PaSsWoRd123 -o ldif-wrap=150

 

A valid output would look like:

dn: CN=Users,DC=my,DC=domain,DC=com
objectClass: top
objectClass: container
cn: Users
description: Default container for upgraded user accounts
distinguishedName: CN=Users,DC=my,DC=domain,DC=com
instanceType: 4
whenCreated: 20151113032937.0Z
whenChanged: 20151113032937.0Z
uSNCreated: 5696
uSNChanged: 5696
showInAdvancedViewOnly: FALSE
name: Users
objectGUID:: puf/DK2dGkCF/7bTR7V+iw==
systemFlags: -1946157056
objectCategory: CN=Container,CN=Schema,CN=Configuration,DC=my,DC=domain,DC=com
isCriticalSystemObject: TRUE
dSCorePropagationData: 20170619233637.0Z
dSCorePropagationData: 16010101000001.0Z
.....

 

If you manage to fetch or browse the information from your LDAp server using the 3rd party browser/client, proceed to Step 2 below. Otherwise, it is encouraged to work with your LDAP system administrator for further assistance before proceeding.

 

Step 2: Gather Server Logs

If Step 1 was successful, gather server logs by performing the following:

  1. Elevate the main logging level of the DW Spectrum Media Server to “DEBUG2 (VERBOSE)”.
  1. Perform or re-create the same LDAP related operation you were encountering issues with.
  2. Gather Server Logs and share them with our support team or your local reseller.
  3. Navigate to the System Administrator > Advanced > Logs Management > Settings menu.
  4. Select the components that you want to download logs from, then click the Download button. It is not possible to download logs from offline servers.

 

 

 

For More Information or Technical Support

DW Technical Support:  866.446.3595 (option 4)

https://www.digital-watchdog.com/contact-tech-support/

______________________________________________________________________________

DW Sales:  866.446.3595                   [email protected]        www.digital-watchdog.com

scroll to top icon