Bimcloud 2024.3 some ldap users are "denied" after login

markom · ‎2025-02-10

Bimcloud is local, not SaaS. Ldap sync has been used for years, only after 2024 installation the problem appeared for some users. Few of them did not meet the password requirements, but even after they changed their passwords they are denied access.

torben_wadlinger · Wednesday

Same problem here. Running bimcloud manager on 2024.3, bimcloud server on 29.0.68.5901 only a short login is possible (2 to 3 seconds). With bimcloud server 27.0.358.4103 everything works fine (with same manager).

markom · Thursday

Do you get these in the C:\Program Files\GRAPHISOFT\BIMcloud\Manager-*version*\Logs\appServer...log:

{"severity":"WARNING","level":40,"time":"2025-03-12T11:53:57.641Z","process":"appServer","hostname":"bimedu","pid":5128,"name":"_","msg":"NetworkActiveDirectoryImporter.convertUserDefs: User def does not contain pwdLastSet! Principal: cn=user1,ou=people,dc=corp,dc=fi"}

and:

{"severity":"WARNING","level":40,"time":"2025-03-12T11:54:39.302Z","process":"appServer","hostname":"bimedu","pid":5128,"name":"_","msg":"BimcloudTokenProvider.refreshableByLdap: Update failed. No password last set timestamp information associated with the LDAP user. User id: f88532af-8c23-1974-f726-686f4be890ec, principal: cn=user,ou=people,dc=corp,dc=fi"}

I am having hard time getting my local dealer to contact Graphisoft about the issue..

torben_wadlinger · Thursday

OK, the problem must be with Archicad 28. Something must have been changed there in the authentication (the login dialogue is now also a website and no longer the modal dialogue).

How do I find out? Quite simply: I have also released the BC Server 29.0.68.5901 (host for AC28) as a storage location for AC26 and the BC Server 27.0.358.4103 (host for AC26) for AC28.

Result: AC26 on BC Server for v28 works, but not the other way round. The problem is therefore with AC28 and only affects LDAP users. Users that are created directly on the Manager work perfectly!

BTW: I have similar errors in the log. But it works anyway with AC26 and below.

markom · Thursday

We have the same problem with the AC 27. They did enforce new password rules, 12 chars atleast, lower and uppercase letters, numbers and special characters. Seemed to work for a start after people changed their passwords to meet the rules, but then the "Denied" came to haunt them too.

torben_wadlinger · Thursday

OMG. It is the password! After changing the password into something like that 3v>3LKz=!N2aH;> it worked. I searched Google up and down, but found nothing about bimcloud and password complexitiy. Or I'm to dumb to search the internet ...

tkrepler_fjc · yesterday

Hi All, We have been battling the same problem since January — we updated our local BIMcloud (Pro, with LDAP synch) over the Christmas break.

The really intriguing nature of the problem is:

— denied people can log in to the BIMcloud from the web interface during the “denied” period from the same computer
— another person with an LDAP setup can log in from the same computer while the rightful user cannot
— the phenomenon never happened before the 2024.3 update of BIMcloud, though we have been using it with the same settings since 2018
— nothing has changed in our LDAP setup

— we got the same result when people tried to log in from Archicad 25 Mac, Archicad 26 Mac and Windows (we did not try 24, but I fear it would have ended up the same way)

Nevertheless, the next time it occurs, we will try to change the LDAP password of these people to 12 characters with all the extra requirements and will let you know about the results. Thanks, Torben!

Tony Krepler
Design Technology Lead - BIM, fjcstudio
Sydney, Australia
Archicad since 3.4, macOS 14

markom · yesterday

Hope it helps for you, for us it worked only for a while.

markom · yesterday

And I think the only mention I can see is when I create a user manually and send them the password change link, that page tells what kind of complexity it needs now.

tkrepler_fjc · yesterday

Well, that has been our workaround — I created a "proxy" user manually, and they used that, they were able to log in and do their work. But this is less than ideal for more than one reason.

Let me add, that the LDAP account always works for the denied people the next day, however, the problem might return a few weeks later in a sort of random way. The strange thing is, that when the issue returns the second time, some people can solve it simply by fiddling with the Network Diagnostic.
Pretty mysterious so far.

Tony Krepler
Design Technology Lead - BIM, fjcstudio
Sydney, Australia
Archicad since 3.4, macOS 14

Bimcloud 2024.3 some ldap users are "denied" after login

Didn't find the answer?

Check other topics in this Forum

Read the latest accepted solutions!

Start a new conversation!