Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2189
Views
5
Helpful
8
Replies

DX80 Ldap user Management

Ayodeji Okanlawon
VIP Alumni
VIP Alumni

‎09-29-2017 11:43 AM - edited ‎03-18-2019 01:30 PM

Gents

I am trying to use the LDAP integration feature in CE8.2 for user management on our TP endpoints. I am not having any luck with this. I have enabled LDAP configuration as follows, but I dont even see the DX80 attempting to query LDAP for the login.

Is there anything I am missing?

 

 

 

DX80.JPG

Please rate all useful posts
0 Helpful
8 Replies 8

Patrick Sparkman
VIP Alumni
VIP Alumni

‎09-29-2017 03:03 PM - edited ‎09-29-2017 03:04 PM

Are you using the correct port?  Make sure you're using the correct port and encryption setting for your AD server, check the admin guide for details on these two settings.

What if you change your Base DN to: DC=corporate,DC-lab,DC=com.

Try removing the Admin Filter and use just the Admin Group.

There isn't much in the logs, but you can check auth.log to see if you get successful or failed login attempts.

0 Helpful

Ayodeji Okanlawon
VIP Alumni
VIP Alumni
In response to Patrick Sparkman

‎09-29-2017 03:22 PM

Thanks Patrick. The port is correct same port ad I use on cucm integration with LDAP. The with log doesn't even show the unit attempting to contact the LDAP server. I will try and change the base DN. 

One question is this do I need to add tgr user on the TP until first and aff it to Admin group?  I did try this as well and still no luck

Please rate all useful posts
0 Helpful

Patrick Sparkman
VIP Alumni
VIP Alumni
In response to Ayodeji Okanlawon

‎09-29-2017 06:46 PM

You don't need to add users to the endpoint, when a user authenticates via LDAP, they'll login as an admin, but they don't get added to the endpoint's user list.  Make sure you're logging into the web interface as domain\username.

Mike Hagans
Level 1
Level 1
In response to Patrick Sparkman

‎08-13-2018 11:25 AM

This was my issue. Used domain\username and worked - thx
0 Helpful

deepak.rawat@servicenow .com
Level 1
Level 1
In response to Ayodeji Okanlawon

‎04-19-2018 06:35 PM - edited ‎04-19-2018 06:40 PM

 

 

0 Helpful

Ayodeji Okanlawon
VIP Alumni
VIP Alumni
In response to Patrick Sparkman

‎09-30-2017 03:32 PM - edited ‎09-30-2017 03:33 PM

Thanks Patrick. I am not having any luck with this. The LDAP setting I am using is what we are currently using on CUCM which works. I have tried to logging using domain\username. I have changed the base DN as you suggested..It will be nice to see if the TP actually sends a request to the LDAP server. On the auth.log it just shows authentication failure, which looks to me like it was trying to do a local authentication as opposed to LDAP

Please rate all useful posts
0 Helpful

Patrick Sparkman
VIP Alumni
VIP Alumni
In response to Ayodeji Okanlawon

‎09-30-2017 09:01 PM

Try the typical AD port 389, instead of 3268.
0 Helpful

deepak24388
Level 1
Level 1
In response to Ayodeji Okanlawon

‎04-19-2018 06:44 PM

i used below setting and its worked for me :)

Preview file
228 KB
0 Helpful
Customers Also Viewed These Support Documents