03-31-2014 01:46 PM - edited 03-01-2019 11:36 AM
Hello,
We have set Native authentication to LDAP and UCS Manager login to LDAP as well. We're able to login to GUI & SSH using the LDAP account. But can't login to GUI using local account (admin).
If I change the Native authentication to local, we can login to GUI via local account (admin), but can't login to SSH via LDAP account.
Are we missing anything?
Please let me know.
/Rags
Solved! Go to Solution.
04-01-2014 11:21 PM
Hello,
When you changed the native auth to LDAP and are using local account, are you prepending the local user name with local auth domain name ?
* From Linux / MAC machine
ssh ucs-<domain-name>\\<username>@<UCSM-IP-Address>
ssh -l ucs-<domain-name>\\<username> <UCSM-IP-address>
ssh <UCSM-IP-address> -l ucs-<domain-name>\\<username>
* From putty client
Login as: ucs-<domain-name>\<username>
NOTE Domain name is case sensitive and should match the domain-name configured in UCSM.
Try logging in with domain name\username and let us know the outcome.
Padma
04-01-2014 08:43 AM
You can / should create a “local” Authentication Domain and select "local", to give you a method to gain access to UCS to correct invalid configuration. This is not necessary, as a “Native” account is created by default. This allows you to get to UCS via local authentication in the event your AD credentials are mis-configured. But, I like to have a known back-door in case I mis-configure AD. Once AD is validated you can remove the local account.
In the login menue, you will then see your AD domain and local !
In the Native Authentication: Default Authentication Realm on "LDAP"
04-01-2014 02:09 PM
AS described above, that is exactly we have configured except for deleting the local account (admin). The Native Authentication is also Realm to "LDAP"
After we did this we are not able to login to GUI using local account (admin). So my question is can we login to GUI & SSH session using both local account and AD account?
If I change the Native Authentication to local from LDAP we are able to login in to GUI &SSH using local account. But we can't log in to SSH session using AD account.
Please let me know. Thank you for your prompt reply.
Best Regards,
Rags
04-01-2014 11:21 PM
Hello,
When you changed the native auth to LDAP and are using local account, are you prepending the local user name with local auth domain name ?
* From Linux / MAC machine
ssh ucs-<domain-name>\\<username>@<UCSM-IP-Address>
ssh -l ucs-<domain-name>\\<username> <UCSM-IP-address>
ssh <UCSM-IP-address> -l ucs-<domain-name>\\<username>
* From putty client
Login as: ucs-<domain-name>\<username>
NOTE Domain name is case sensitive and should match the domain-name configured in UCSM.
Try logging in with domain name\username and let us know the outcome.
Padma
04-01-2014 11:38 PM
Which UCS version ?
If you have 2 domains, they should appear in the GUI login menu ? irrelevant of the native authentication.
04-04-2014 04:26 AM
Padma,
This worked. Thank you so much!!
//Rags
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide