i am trying to set up ldap authentication but it keeps failing with the error "LDAP Search Error: Unable to find users DN". We are using a windows 2008 dc to authenticate against. I am trying to give permission to anyone who belongs in the IS-IT group.
here are my following settings.
Protocol Version: 3
Encryption: None
Mode:Specific
Distinguished Name (DN): <username>@domain.com
Require Group Membership: Checked.
Group Distingished Name (DN): CN=IS-IT,OU=Security Groups,DC=DOMAIN,DC=com
Group Member Attribute:member
Group Member Type: Distinguished Name
Search Base: OU=Security Groups,DC=DOMAIN,DC=com
Search Filter: (&(objectClass=user)(objectcategory=user)(sAMAccountName=<username>))
I am not sure what to put for
Search Distingished Name (DN) and Search Password.
i have tried a valid username for the domain but it has not worked.
i have attached a pick from my ldap browser. I think i am just missing soemthign simple here. [/img]
LDAP Search Error: Unable to find users DN with 2008 AD
Moderators: Developers, Moderators
-
draftermath
- Posts: 1
- Joined: Thu Mar 19, 2009 8:26 am
LDAP Search Error: Unable to find users DN with 2008 AD
- Attachments
-
- ldap search.jpg (88.06 KiB) Viewed 14625 times
-
rony
- Developer/Forum Admin
- Posts: 6022
- Joined: Mon Nov 17, 2003 6:35 pm
- Location: Michigan, USA
- Contact:
Put in an account that is allowed to query ADS. Use the following format:
Replace username with the username and replace domain with the domain specified on the user. I don't recall immediately and I don't have a VM to check, but I think the field is called Primary Name.
Code: Select all
<username>@<domain>[size=117][i][b]Tony Roman[/b][/i][/size]
[size=84][i]Experience is what causes a person to make new mistakes instead of old ones.[/i][/size]
[size=84][i]There are only 3 way to complete a project: Good, Fast or Cheap, pick two.[/i][/size]
[size=84][i]With age comes wisdom, what you choose to do with it determines whether or not you are wise.[/i][/size]
[size=84][i]Experience is what causes a person to make new mistakes instead of old ones.[/i][/size]
[size=84][i]There are only 3 way to complete a project: Good, Fast or Cheap, pick two.[/i][/size]
[size=84][i]With age comes wisdom, what you choose to do with it determines whether or not you are wise.[/i][/size]
Hi,
i still got the same Error:
my settings:
Mode:Specific
Distinguished Name (DN): <username>@mydomain.local
Require Group Membership: Checked.
Group Distingished Name (DN): CN=NT_IT,OU=Rollen,DC=mydomain,DC=local
Group Member Attribute: memberUid=NT_IT
Group Member Type: Distinguished Name
###
Search Base: ou=Rollen,dc=mydomain,dc=local
Search Filter: (&(objectClass=user)(objectcategory=user)(sAMAccountName=<username>))
Search Distingished Name (DN):
cn=saLDAP,ou=Service-Account,ou=Server,ou=Company,dc=mydomain,dc=local
Search Password: xxxx
Any help appreciated!
Thanks!
i still got the same Error:
my settings:
Mode:Specific
Distinguished Name (DN): <username>@mydomain.local
Require Group Membership: Checked.
Group Distingished Name (DN): CN=NT_IT,OU=Rollen,DC=mydomain,DC=local
Group Member Attribute: memberUid=NT_IT
Group Member Type: Distinguished Name
###
Search Base: ou=Rollen,dc=mydomain,dc=local
Search Filter: (&(objectClass=user)(objectcategory=user)(sAMAccountName=<username>))
Search Distingished Name (DN):
cn=saLDAP,ou=Service-Account,ou=Server,ou=Company,dc=mydomain,dc=local
Search Password: xxxx
Any help appreciated!
Thanks!
Re: LDAP Search Error: Unable to find users DN with 2008 AD
I faced the same problem, the fix is to change
Distinguished Name (DN): <username>@mydomain.local
to
Distinguished Name (DN): <username>
Regards
Ibrahim
Distinguished Name (DN): <username>@mydomain.local
to
Distinguished Name (DN): <username>
Regards
Ibrahim
Who is online
Users browsing this forum: No registered users and 1 guest