I’m unable to use Active Directory/LDAP to log in. Can someone please take a look at my settings? Maybe a 2nd set of eyes is all I need.
Testing connectivity to AD:
We have the same configuration; we had some problems finding the proper DN. Our base/group DN is:
OU=Standard Accounts,OU=User Accounts,DC=XXXXXX,DC=XXXXX
OU=Group Accounts,DC=XXXXXX,DC=XXXXX
Try to check it in AD manager… AD sometimes is a pain!
I will look, thank you.
Are you able to bind successfully using ldapwhoami?
e.g. ldapwhoami -H ldap://<FQDN> -D '<DOMAIN>\<USER>' -W
Also, I would recommend using LDAPS to prevent your account passwords from being sent as cleartext to the LDAP server.
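Added example (not part of the original posts): a small wrapper around the bind test above that only ever sends the password over TLS, either via ldaps:// or via StartTLS on ldap://. The host name, account name, CA path and function names are constructed placeholders.

```shell
#!/bin/sh
# Added example, not from the thread. Host and account names are constructed.

# Print the extra ldapwhoami flag needed so the bind is never sent in cleartext.
#   ldaps://  TLS is negotiated before any LDAP traffic, so no flag is needed.
#   ldap://   -ZZ issues StartTLS and aborts if it fails (a single -Z would
#             carry on without TLS and still send the password).
# Anything else is rejected with exit status 2.
ldap_tls_flag() {
    case "$1" in
        ldaps://?*) printf '%s' '' ;;
        ldap://?*)  printf '%s' '-ZZ' ;;
        *) echo "refusing URI without an ldap:// or ldaps:// scheme: $1" >&2
           return 2 ;;
    esac
}

# Simple bind (-x) as the given account, prompting for the password (-W).
# If the domain controller's certificate comes from an internal CA, export
# LDAPTLS_CACERT=/path/to/ca.pem first (constructed path) so it can be verified.
ldap_bind_test() {
    tls_flag="$(ldap_tls_flag "$1")" || return $?
    # $tls_flag is deliberately unquoted: it is either empty or the single word -ZZ.
    ldapwhoami -x $tls_flag -H "$1" -D "$2" -W
}

# Usage: sh bindtest.sh ldaps://dc01.example.test 'EXAMPLE\svc-foreman'
if [ "$#" -eq 2 ]; then
    ldap_bind_test "$1" "$2"
fi
```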
I’ll try that… thanks for the suggestion
OK, so I have the service account authenticating w/ the command you sent me. Sorry, I had to block out some of the data… but the 2nd to last line shows it logged in to a mapped drive.
So I have proven that the service account can log in through the command line. No matter what I do, I cannot get it to work through Foreman itself. Can one of you guys please paste your config, so I can compare? Feel free to black out stuff you do not want to share.
Never mind… I got it!
Can you please share what it was for the benefit of future googlers?
Yes sir… so we have an old Foreman server that I am replacing with a brand new one. I copied the LDAP stuff from the previous person’s config. Here’s where the issue was.
The issue:
The working version
I then changed the Attr login, and it only needs the username to log in… domain\ not required.
Hope this helps someone