I am trying to set up an AD realm. The directory test passes and I think I have the realm config correct, but when I try to user download, the job completes but finds no users or groups. I have the base and group DN set for the top of the tree (a very small tree), but I have tried pointing either to a specific OU that contains users or groups. I have my directory using port 389 (and as I've said, the test there works). Any ideas? Thanks.
Both base and group dn = dc=CyberSEC,cd=VINU. This is basically the top of the tree. It is how I do my other FirePower device, just a different tree/domain, but I use the top of the tree there also (for both).
My working configuration in the lab looks like this:
Basically both the Base and Group distinguished names (DNs) are structured with Domain Components (DCs) as follows:
dc=<first field of your fully-qualified AD domain name>, dc= <second field>, etc. up to the top level domain.