Serouche,

The Login Name on an Active Directory LDAP search is usually sAMAccountName, so 
in the configuration form "AREA LDAP Configuration" the User Search Filter 
would be sAMAccountName=$\USER$

Make sure in your setup that you should be querying for the login in a field 
called uid.  What Danny said about using Microsoft's LDP tool (as part of the 
Windows Support Tools) or another LDAP tool like the Softerra LDAP Browser 
(http://www.softerra.com/download.htm) is a great suggestion.

Fred

-----Original Message-----
From: Action Request System discussion list(ARSList) 
[mailto:[email protected]] On Behalf Of Danny Kellett
Sent: Tuesday, October 02, 2012 5:58 AM
To: [email protected]
Subject: Re: LDAP authentication issue

Hi,

It's this line that is the issue:

*/<ARSYS.AREA.LDAP> <FINER> ldap_search_ext("dc=ads,dc=domain,dc=org",
2, "uid=testman")

So under that baseDn, the query uid=testman could not be found.

Ask your domain admin to check the baseDn and use something like ldp.exe
to search for uid=testman.

Kind regards
Danny

> -----Original Message-----
> From: Action Request System discussion list(ARSList) 
> [mailto:[email protected]] On Behalf Of Remedy Maniac
> Sent: Tuesday, October 02, 2012 3:50 AM
> To: [email protected]
> Subject: LDAP authentication issue
>
> hi list,
>
> could not find any previous post with the following issue.
> Here is what is in my arplugin.log file
> ...
> 1 <PLGN> <TID: 000005> <RPC ID: 0000000299> <Queue: AREA      >
> <Client-RPC: 390695> /* Tue Oct 02 2012 10:40:38.7404 */+VL
> AREAVerifyLoginCallback          -- user testman
> 2 <PLGN> <TID: 000005> <RPC ID: 0000000299> <Queue: AREA      >
> <Client-RPC: 390695> /* Tue Oct 02 2012 10:40:38.7407
> */<ARSYS.AREA.LDAP> <FINEST> AREAVerifyLoginCallback
> 3 <PLGN> <TID: 000005> <RPC ID: 0000000299> <Queue: AREA      >
> <Client-RPC: 390695> /* Tue Oct 02 2012 10:40:38.7409
> */<ARSYS.AREA.LDAP> <FINER> ldap_init("hqdcc1.domain.org", 389)
> 4 <PLGN> <TID: 000005> <RPC ID: 0000000299> <Queue: AREA      >
> <Client-RPC: 390695> /* Tue Oct 02 2012 10:40:38.7411
> */<ARSYS.AREA.LDAP> <FINER> connect timeout previously: -1
> 5 <PLGN> <TID: 000005> <RPC ID: 0000000299> <Queue: AREA      >
> <Client-RPC: 390695> /* Tue Oct 02 2012 10:40:38.7413
> */<ARSYS.AREA.LDAP> <FINER> connect timeout used: 40000
> 6 <PLGN> <TID: 000005> <RPC ID: 0000000299> <Queue: AREA      >
> <Client-RPC: 390695> /* Tue Oct 02 2012 10:40:38.7415
> */<ARSYS.AREA.LDAP> <FINER> ldap_simple_bind("CN=xsldapro,OU=Service
> Accounts,OU=Location,OU=New Structure,DC=ads,DC=domain,DC=org", hidden)
> 7 <PLGN> <TID: 000005> <RPC ID: 0000000299> <Queue: AREA      >
> <Client-RPC: 390695> /* Tue Oct 02 2012 10:40:38.7445
> */<ARSYS.AREA.LDAP> <FINEST> After the bind
> 8 <PLGN> <TID: 000005> <RPC ID: 0000000299> <Queue: AREA      >
> <Client-RPC: 390695> /* Tue Oct 02 2012 10:40:38.7447
> */<ARSYS.AREA.LDAP> <FINER> ldap_search_ext("dc=ads,dc=domain,dc=org",
> 2, "uid=testman")
> 9 <PLGN> <TID: 000005> <RPC ID: 0000000299> <Queue: AREA      >
> <Client-RPC: 390695> /* Tue Oct 02 2012 10:40:43.4920
> */<ARSYS.AREA.LDAP> <FINE> We do not know the user
> 10 <PLGN> <TID: 000005> <RPC ID: 0000000299> <Queue: AREA      >
> <Client-RPC: 390695> /* Tue Oct 02 2012 10:40:43.4923
> */<ARSYS.AREA.LDAP> <FINER> LicenseMask=1 LicenseWrite=2 LicenseFTS=0
> LicenseReserved1=0 Notification=3 Email=<NULL> LoginStatus=1
> ModificationTime=0
> 11 <PLGN> <TID: 000005> <RPC ID: 0000000299> <Queue: AREA      >
> <Client-RPC: 390695> /* Tue Oct 02 2012 10:40:43.4925
> */<ARSYS.AREA.LDAP> <FINER> Groups=<NULL>
> 12 <PLGN> <TID: 000005> <RPC ID: 0000000299> <Queue: AREA      >
> <Client-RPC: 390695> /* Tue Oct 02 2012 10:40:43.4927
> */-VL                                FAIL
> <END OF LOG FILE>^@
> ...
>
> who is this "We" at line 9?
> My config settings are based on what the doc says ('authentication chain
> = 'AREA - ARS', cross ref pass is checked also authenticate unregistered
> users, RPC port set to 390695)
> The logs show the bind being done (line 7) but then something "does not
> know the user" ...
> any help/tips on what could be wrong is very much appreciated.
> Regards
> Serouche
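
As an added example (not part of the thread and not the product's own code): a small Python parser that pulls the bind DN, search base, scope and filter out of an AREA LDAP trace like the one quoted above, so the same query can be replayed in ldp.exe or an LDAP browser. The function name, the sample values and the reading of scope `2` as the standard LDAP subtree constant are assumptions.

```python
import re

# Constructed sample modelled on the arplugin.log excerpt quoted in the thread
# (mail-wrapped, "> "-quoted, numbered entries); all names are placeholders.
SAMPLE = """\
> 6 <PLGN> <TID: 000005> <RPC ID: 0000000299> <Queue: AREA      >
> <Client-RPC: 390695> /* Tue Oct 02 2012 10:40:38.7415
> */<ARSYS.AREA.LDAP> <FINER> ldap_simple_bind("CN=svc,OU=Service
> Accounts,DC=ads,DC=example,DC=org", hidden)
> 8 <PLGN> <TID: 000005> <RPC ID: 0000000299> <Queue: AREA      >
> <Client-RPC: 390695> /* Tue Oct 02 2012 10:40:38.7447
> */<ARSYS.AREA.LDAP> <FINER> ldap_search_ext("dc=ads,dc=example,dc=org",
> 2, "uid=testman")
> 9 <PLGN> <TID: 000005> <RPC ID: 0000000299> <Queue: AREA      >
> <Client-RPC: 390695> /* Tue Oct 02 2012 10:40:43.4920
> */<ARSYS.AREA.LDAP> <FINE> We do not know the user
> 12 <PLGN> <TID: 000005> <RPC ID: 0000000299> <Queue: AREA      >
> <Client-RPC: 390695> /* Tue Oct 02 2012 10:40:43.4927
> */-VL                                FAIL
"""

RPC = re.compile(r"<RPC ID: (\d+)>")
BIND = re.compile(r'ldap_simple_bind\("([^"]*)"')
SEARCH = re.compile(r'ldap_search_ext\("([^"]*)",\s*(\d+),\s*"([^"]*)"\)')
# Standard LDAP scope constants; assumes the plug-in logs the raw value.
SCOPES = {"0": "base", "1": "onelevel", "2": "subtree"}

def summarize_area_logins(log_text):
    """Return {rpc_id: summary} for each login attempt found in the trace."""
    text = re.sub(r"^> ?", "", log_text, flags=re.M)  # drop mail quoting
    text = " ".join(text.split())                     # undo line wrapping
    logins = {}
    for entry in text.split("<PLGN>")[1:]:
        rpc = RPC.search(entry)
        if not rpc:
            continue
        info = logins.setdefault(rpc.group(1), {
            "bind_dn": None, "search": None, "user_known": None, "failed": False})
        if m := BIND.search(entry):
            info["bind_dn"] = m.group(1)
        if m := SEARCH.search(entry):
            base, scope, flt = m.groups()
            info["search"] = (base, SCOPES.get(scope, scope), flt)
        if "We do not know the user" in entry:
            info["user_known"] = False
        if re.search(r"\*/\s*-VL\s+FAIL", entry):
            info["failed"] = True
    return logins
```

A summary with `user_known` set to `False` and a filter on `uid` is the case discussed in the replies: run the extracted base DN and filter in an LDAP tool, then compare against the attribute that actually holds the login name.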


