I have a working LDAP server (set up by a previous sysadmin, and a bit esoteric). From my Cacti server I can successfully query the LDAP server. The following command returns all usernames that begin with the letter "A."
ldapsearch -x -h ldap.example.com -b 'dc=ldap,dc=example,dc=com' 'cn=a*'
dn: cn=Full Name,ou=People,dc=ldap,dc=example,dc=com
However, I can't seem to figure out the correct settings to make Cacti authenticate against it. I've tried all three modes--no searching, anonymous searching, specific searching--but it always errors out. The interesting thing is when I try it in Firefox the error is "LDAP Error: General bind error, LDAP result: Inappropriate authentication" but in Safari it's "LDAP Search Error: General bind error, LDAP result: Server is unwilling to perform." The log on the LDAP server reflects the two differing error messages as well.
LDAP authentication setup
Moderators: Developers, Moderators
-
- Posts: 10
- Joined: Fri Aug 03, 2012 6:58 pm
LDAP authentication setup
- Attachments
-
- Screen shot 2012-08-03 at 5.12.59 PM.png (218.81 KiB) Viewed 1600 times
-
- Posts: 1
- Joined: Mon Oct 15, 2012 7:09 am
Re: LDAP authentication setup
i too getting the same error . Also i have noticed that when i am leaving password blank , then only it is occurring , i do not want to use password
Re: LDAP authentication setup
You're trying to do a specific search but I'm not sure your "Search Distingished Name" is properly configured
On my server Search Distingished Name: uid=admin_read_only,ou=people,dc=mycompany,dc=org and I added the passwords.
Your filter is also wrong, mine is Search Filter = (&(objectClass=GosaAccount)(uid=<username>)), becareful and use your proper objectClass and also I use uid not cn, do adapt to your needs
I'm not sure I understood your ldapsearch command but maybe you're allowed to do anonymous searches, in that case specify Mode = Anonymous Searches
The last option is to use Mode = No Searching, in that case configure Distinguished Name (DN) = uid=<username>,ou=people,dc=mycompany,dc=org
It has to work =)
On my server Search Distingished Name: uid=admin_read_only,ou=people,dc=mycompany,dc=org and I added the passwords.
Your filter is also wrong, mine is Search Filter = (&(objectClass=GosaAccount)(uid=<username>)), becareful and use your proper objectClass and also I use uid not cn, do adapt to your needs
I'm not sure I understood your ldapsearch command but maybe you're allowed to do anonymous searches, in that case specify Mode = Anonymous Searches
The last option is to use Mode = No Searching, in that case configure Distinguished Name (DN) = uid=<username>,ou=people,dc=mycompany,dc=org
It has to work =)
Some info about my system
- Cacti: 0.8.8g / OpenBSD 6.6
- Third Party: Nginx 1.16.1 / PHP 7.3.10 / MariaDB 10.3.18v1 / NET-SNMP version 5.8p2 / RRDTool 1.7.2
- Plugins: Weathermap 0.97c / Settings 0.71 / Thold 0.5 / Flowview 1.1 / Realtime 0.5.2 / Predict 1.0
- Cacti: 0.8.8g / OpenBSD 6.6
- Third Party: Nginx 1.16.1 / PHP 7.3.10 / MariaDB 10.3.18v1 / NET-SNMP version 5.8p2 / RRDTool 1.7.2
- Plugins: Weathermap 0.97c / Settings 0.71 / Thold 0.5 / Flowview 1.1 / Realtime 0.5.2 / Predict 1.0
Re: LDAP authentication setup
After reading your second message, the option 2 that I wrote is for you: Anonymous Searches
Some info about my system
- Cacti: 0.8.8g / OpenBSD 6.6
- Third Party: Nginx 1.16.1 / PHP 7.3.10 / MariaDB 10.3.18v1 / NET-SNMP version 5.8p2 / RRDTool 1.7.2
- Plugins: Weathermap 0.97c / Settings 0.71 / Thold 0.5 / Flowview 1.1 / Realtime 0.5.2 / Predict 1.0
- Cacti: 0.8.8g / OpenBSD 6.6
- Third Party: Nginx 1.16.1 / PHP 7.3.10 / MariaDB 10.3.18v1 / NET-SNMP version 5.8p2 / RRDTool 1.7.2
- Plugins: Weathermap 0.97c / Settings 0.71 / Thold 0.5 / Flowview 1.1 / Realtime 0.5.2 / Predict 1.0
Who is online
Users browsing this forum: No registered users and 1 guest