Active Directory

I’m unable to use active directory/LDAP to log in. Can someone please take a look at my settings? Maybe a 2nd set of eyes is all I need.

Testing connectivity to AD:

We’ve the same configuration, we had some problems to find the proper DN. our base/group DN is:

OU=Standard Accounts,OU=User Accounts,DC=XXXXXX,DC=XXXXX

try to check it into AD manager…AD sometimes is a pain!

I will look, thank you.

Are you able to bind successfully using ldapwhoami?

e.g. ldapwhoami -H ldap://<FQDN> -D '<DOMAIN>\<USER>' -W

Also, I would recommend using LDAPS to prevent your account passwords from being sent as cleartext to the LDAP server.

I’ll try that… thanks for the suggestion

1 Like

ok so I have the service account authenticating w/ the command you sent me. Sorry, I had to block out some of the data… but the 2nd to last line shows it logged in to a mapped drive.

So I have proven that the service account can log in, through the command line. No matter what I do, I cannot get it to work through foreman itself. Can one of you guys please paste your config, so I can compare? Feel free to black out stuff you do not want to share.

Nevermind…I got it! :slight_smile:

1 Like

Can you please share what it was for the benefit of future googlers?

1 Like

Yes sir… so we have an old Foreman server, that I am replacing with a brand new one. I copied the LDAP stuff from the previous person’s config. Here’s where the issue was.

The issue:

The working version

I then changed the Attr login, and it only needs the username to log in… domain\ not required.


Hope this helps someone :slight_smile:

1 Like