Troubleshooting LDAP issues with a targeted User Filter

Version 1



    The LDAP setup and configuration pages in the Jive Admin Console can be used to help you troubleshoot and fix user syncing issues. Most common issues are around certificate errors, or specific users not syncing correctly. These issues can be diagonsed and resolved by using the techniques outlined here.




    • Verified for version: Jive 6, 7, 8, 9 & Cloud



    Troubleshooting LDAP configurations generally comes up during setup, after major changes / org restructure, or when adding new users. A key component to your LDAP configuration is the use of the User Filter field. This field is at Admin Console: People > Settings > Directory Server Settings > User Mapping. You can review Search Filter Syntaxto understand how to build custom User Filter search queries.


    Scenario: "Test" succeeds but saving fails.

    Connection to a directory server utilizes LDAP. LDAP has a secure mode as well called LDAPS, which relies on a SSL certificate to validate the connection, however Jive does not allow self-signed certificates on LDAPS connections. The most common symptom of this issue is when your "Test" succeeds and saving fails.


    Jive will not check the cert during the test, only when you save or apply user mapping changes. You can disable Jive's safety checks (so it accepts self-signed SSL certs for LDAPS) via system property to workaround the issue until a legitimate certificate is applied.

    ldap.ssl.certverification = false



    Note: System properties must be set by Jive Support agents for Cloud sites. Please create a support case if you believe this is impacting your site.


    Scenario: Specific users in your Active Directory are not appearing in Jive.

    If a user won't sync to Jive via LDAP then it's most often because they're missing a user profile field that is required by Jive.


    You can use a temporary test User Filter to check if this is happening to you.


    To do this, you can edit your user filter so that it will only select specific these specific users that you are testing for. This is done in the User Mapping tab, and updating the User Filter field. Here is an example of a temporary search filter that targets specific users:



    This user filter will search your directory server and will only return the 4 users you have listed.


    This allows you to check these specific users (that aren't syncing) and see if there are any error messages for specific fields that Jive is expecting to sync from your directory server.


    Look for (Required) fields that are reporting errors, these are likely what's preventing the user from being synced into Jive.

    1 (3).png

    In this example, all four of the users in the User Filter are missing an Email Address which is a required field in Jive. Check the accounts on your directory server and verify / add email addresses before you try synchronizing these accounts again.

    If an email address is present but you still get an error check the field name, it has to match the User Mappings exactly (case sensitive). e.g Directory Server has the user's email address in the 'Mail' field but your User Mappings are looking for the 'mail' field.

    If you wanted to look at one specific user instead of all four, just modify the User Filter.


    This will only show you the results for billw's account. In the event there are no errors when you click the "Test Settings" button, you'll see a pop-up modal with the user's details (comparable information to an LDIF).


    Related Information