
Cannot get Firesight system to bind to LDAP/AD

Colin Higgins
Level 2

I have a Firesight Management server (1500) and want to configure it to use LDAP/AD for administrative authentication.

When I go to local policy and configure a new authentication object for LDAP, I am running into a problem where the bind always fails with an error 49.

I put in the base DN correctly, and the path to the user account. I even moved the user account to the root of the AD to make it as simple as possible.

Example:

base DN=acme,DC=com

user: cn=tsmith,dc=acme,dc=com

Basic LDAP is being used (no TLS). We checked the password, gave the account elevated rights, etc. Still getting error 49 every time.

Nothing appears in the Domain Controller's event log regarding a failed login. The Firesight system simply doesn't bind.

There are no firewalls between the systems, and they have full connectivity to each other.

Has anyone seen this? What can I do?


Colin Higgins
Level 2

I can answer my own question.

The documentation is wrong: when specifying the username path, do NOT use LDAP parameters.

Use: DOMAIN\username

and it will work.
