I have VSOM 7.2.0 and I'm trying to configure LDAP integration but am running into problems with the search filter. I've set it up the best I understand from the manual. The test for general settings work fine, but the search filters I've tried to setup all fail with the below error message:
Operation failed: User john is not found in LDAP filter path (&(cn=john)(memberOf=CN=USERS,DC=xyz,DC=com))
If I put in a bad password or account I get a different error:
Operation failed: Connection to LDAP for user john failed. Invalid bind DN path or credentials
The search filter settings I'm using are:
Search Path: cn=Users,DC=xyz,DC=com
All of our users are located in the default USERS OU in active directory. I'm not sure what I need to change in the search filter to to get this working and I'm really not familiar with the syntax the search filter wants to use. Any help is appreciated!
Does the test for the general binding settings work *all the time*? I.E. - If you try it multiple (at least 10 or more) times in a row, do _any_ of the attempts to authenticate fail?
If so, I may know what your issue is.
The test for general information always works, the failures only come when I add a search filter and test that search filter. I don't even see why I need a search filter since I don't really care who has access to our cameras, but without it you can't assign it to a group.
Okay, well... if your test bind *is* actually working 100% of the time, then it has to be the search filter.
In any of the LDAP integrations I've performed against MS LDAP (AD), the actual account name has always been sAMAccountName. i.e.:
If you haven't given it a try yet, I recommend probing your LDAP structure with a tool like Sysinternals ADExplore to help troubleshoot getting the Search Filter correct.
All the best!
I am not sure how your AD architecture is but I am guessing you are trying to search in a OU called users within your domain. If that is true, it should be as follows:
Search Path: OU=Users,DC=xyz,DC=com
VSOMGary is a global security group I created to allow users access to specific cameras. You need to add users to this group in order for them to have access to log into VSOM.
Nice catch. I completely glossed over the 'memberOf=CN=USERS' in the original posting.