08-10-2012 02:57 PM - edited 03-01-2019 10:33 AM
Hi all,
i'm working on UCS Manager Suite and i would like configure Authentication method using LDAP protocol ( AD : Windows 2008 R2 Standard Edition).
I follow this configuration guide:
but i obtained some message : authentication failed.
10.164.85.2 (UCS Manager)
10.164.85.21 (AD)
I have some doubt regarding "Non-Admin Bind User Account" : what are the privileges that it need?
In attach wireshark capture taken on AD Server.
Regards.
Dino
08-10-2012 06:03 PM
Hi Dino,
It looks like it is trying to bind using the account "ucs binduser" and no password. Can you verify a password is set on the bind account in ucs? The bind account needs only read access to active directory.
scope security
scope ldap
show server
08-11-2012 01:44 AM
Hi Brian,
this is output as you request:
UCS-DEMO-A /security/ldap # show server
LDAP server:
Hostname or IP address DN to search and read Port SSL Password
------------------------ ------------------------ ----- ---- --------
10.164.85.21 CN=ucs binduser,OU=DDUsers,DC=didata-dc,DC=local
389 No
You're right regarding no password set but i configure in "ldap provider menu'" password type.
Can you explain where do I define password for "ucs binduser" ?
Thank you for quick answer.
Dino
08-11-2012 04:54 AM
Hi Brian,
I deleted ldap provider profle and reconfigure new profile with same parameters and now it works.
I already use "aaa test server" command to verify authentication and it's works BUT if i checks output
scope security
scope ldap
show server
i obtained same output
DAP server:
Hostname or IP address DN to search and read Port SSL Password
------------------------ ------------------------ ----- ---- --------
10.164.85.21 CN=ucs binduser,OU=DDUsers,DC=didata-dc,DC=local
389 No
I expected **** under Password column.
Thank you for support.
Regards.
Dino
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide