01-30-2020 01:58 AM
Hi everybody,
We have a lot of local administrators configured to manage our appliances. Is it possible to have an LDAP configuration towards our internal LDAP of admins, to use it instead of local auth? Or is it mandatory to use local auth for ESA administrative management?
Thanks everybody!
Regards
01-30-2020 03:57 AM
The next ESA software release, 13.x, will support SAML authentication for ESA and SMA.
This should help with your question, ETA late Q1 2020.
01-30-2020 04:04 AM - edited 01-30-2020 07:08 AM
Yes.
On the page where you create admin users, there should be a section for "External Authentication".
It relies on having an External Authentication query configured in your LDAP profile...
01-30-2020 11:25 PM
Done and everything works fine!
Thanks!
01-30-2020 11:58 PM
I have only one doubt: is it possible to log in via CLI with LDAP configured? Or do I still need a local user?
Thanks
01-31-2020 03:33 AM
02-02-2020 11:50 PM
Hi all,
Weird thing today: we have two ESAs in a cluster.
I cannot understand why LDAP is working on one unit and not on the other.
Just to be clear, should I configure LDAP in "cluster mode" or per machine?
Thanks
02-03-2020 03:58 AM
By definition you should try to configure in cluster mode whenever possible to make it easier on you.
There are areas where a cluster configuration might break things, LDAP being one example. Check system admin / LDAP and make sure the certificate used for LDAPS is named the same and exists on both ESAs with that name.
Also test the LDAP settings on both ESAs in machine mode and cluster mode to see if there is a mismatch.
I hope that helps
-Marc
02-03-2020 05:40 AM
Hi Marc,
The certificate is the same, and the tests are all fine on both, with machine and with cluster. I cannot understand why on one I got LDAP auth and not on the other one.
I've noticed (dunno if it is right) that one of the two ESAs has an inbound listener in machine mode, while the other one has no listener configured in machine mode, only in cluster mode. Dunno if this helps.
Thanks
Regards
Salvatore
02-03-2020 06:29 AM
Hi Salvatore,
I can only speculate as I don't have access to your ESA. In our environment all ESAs have the IP interfaces in machine mode and the listeners in cluster mode. The LDAP port binds to the listener. Does LDAP work on the ESA with the machine mode listener or on the other one? This would give me hints as to which way the configuration needs to be "copied".
-Marc
02-03-2020 11:23 PM
Hi,
Yes, LDAP is working on the machine with the listener present. Should I configure the same listener on the other one?
Thanks
02-04-2020 12:04 AM
Hi all, I just configured the listener on the other machine, but no way: LDAP is working only on one machine of the cluster, dunno why!