LDAP

sewkol · Post by **sewkol** » Wed Feb 20, 2008 3:51 pm

Hello

I have problem with authentication to MS AD 2003. I read posts and test various options, but still have error:

LDAP Error: Unable to create LDAP object

What can be wrong ???

SK

Post by **rony** » Wed Feb 20, 2008 4:05 pm

Um...

That is one of the generic error message I put in there that you should never get...

What method are you using in LDAP, No Searching, Anonymous Searching or Specific Searching?

Also, try another version either 2 or 3 in the settings and see if that works.

sewkol · Post by **sewkol** » Wed Feb 20, 2008 5:04 pm

I tried all 3 modes (No Searching, Anonymous Searching and Specific Searching) and versions (2 and 3).

In Distinguished Name (DN) tried:
<username>
<username>@xxx
<username>@xxx.xxx.xx

In Search Distingished Name (DN):
someuser
someuser@xxx
someuser@xxx.xxx.xx

and password.

Search Base and Search Filter i left empty.

SK

Post by **rony** » Wed Feb 20, 2008 5:28 pm

ADS will not allow Anonymous searching.

Try version 2 protocol and no TLS/SSL.

No Searching

And set your DN to "<username>@<domain>"

Replace <domain> with the domain that is located on the ADS users Account tab under "User logon name:".

sewkol · Post by **sewkol** » Thu Feb 21, 2008 3:49 am

I tried this. The same error still ocours

SK

Post by **rony** » Thu Feb 21, 2008 9:40 am

Email me a screen shot of what your setting are. Don't post them unless you don't care..

sewkol · Post by **sewkol** » Fri Feb 22, 2008 7:41 pm

Could this by problem of using newest programs (PHP 5.2.5 especially)?

SK

Post by **rony** » Sat Feb 23, 2008 1:28 pm

Maybe, um....

I will have to test.

sewkol · Post by **sewkol** » Tue Feb 26, 2008 4:22 am

I tried once again reinstall system and all programs:
Solaris 10 x86 (07/08 - u4) - Local UTF-8
PERL 5.10.0
PHP 5.2.5
mod_perl 2.0.3
Net-SNMP 5.4.1
Apache 2.0.63 (default charset - utf-8 )
mysql-5.0.51a (default charset - utf-8 )

I configure guest account:
Enabled it
User Must Change Password at Next Login - no
Allow this User to Keep Custom Graph Settings -no
Rest options is default (Authentication Realm - Local)

And Authentication in settings:
Authentication Method: LDAP
Guest User: No user
User Template: guest
Server: IP address of my DC
Standard TCP Port: 389
Protocol Version: Version 3 (i tried Version 2 too)
Encryption: None
Referrals: Disabled
Mode: No searching
Distinguished Name: <username>@domain.xxx.xx (i have tried <username>@domain too )
Rest options is blank

And problem still ocours (LDAP Error: Unable to create LDAP object)

SK

Post by **rony** » Tue Feb 26, 2008 11:32 am

Sounds like a php problem and solaris, have you looked at the error log for the apache web server to determine what might be happening?

sewkol · Post by **sewkol** » Tue Feb 26, 2008 1:13 pm

No errors in apache log. I turn on php errors log - nothing too

SK

sewkol · Post by **sewkol** » Mon Mar 17, 2008 6:35 am

I think that problem is in parameters of LDAP connection. When I edit cacti/lib/ldap.php and insert there instead of parameters ($ldap_host,$ldap_port) values ("10.5.1.102","389") i can login to Cacti...

111 /* Connect to LDAP server */
112 $ldap_conn = @ldap_connect("10.5.1.102","389");

Where is a problem??

SK

Post by **rony** » Mon Mar 17, 2008 10:45 pm

Um....

Do you have SSL/TLS not selected and the correct ports set?

sewkol · Post by **sewkol** » Tue Mar 18, 2008 2:04 am

Yes - port is 389 and encryption set to None.

SK

paul.lessard · Post by **paul.lessard** » Thu Mar 20, 2008 11:11 am

I was receiving a similar error message, but I've fixed it by installing openldap. It seems I was able to build php with LDAP even though I didn't have openldap installed, so perhaps you've reached the same issue?

Cacti

LDAP

LDAP

Perhaps a fix?

Who is online