Fred, Nice tool. Thanks for the link.
Serouche, We provide a link to the ldp.exe tool here : http://www.javasystemsolutions.com/downloads/ldp.exe It's Microsofts tool we just host it for convenience. Good luck Danny > Serouche, > > The Login Name on an Active Directory LDAP search is usually > sAMAccountName, so in the configuration form "AREA LDAP Configuration" the > User Search Filter would be sAMAccountName=$\USER$ > > Make sure in your setup that you should be querying for the login in a > field called uid. What Danny said about using Microsoft's LDP tool (as > part of the Windows Support Tools) or another LDAP tool like the Softerra > LDAP Browser (http://www.softerra.com/download.htm) is a great > suggestion. > > Fred > > -----Original Message----- > From: Action Request System discussion list(ARSList) > [mailto:arslist@ARSLIST.ORG] On Behalf Of Danny Kellett > Sent: Tuesday, October 02, 2012 5:58 AM > To: arslist@ARSLIST.ORG > Subject: Re: LDAP authentication issue > > Hi, > > Its this line that is the issue: > > */<ARSYS.AREA.LDAP> <FINER> ldap_search_ext("dc=ads,dc=domain,dc=org", > 2, "uid=testman") > > So under that baseDn, the query uid=testman could not be found. > > Ask your domain admin to check the baseDn and use something like ldp.exe > to search for uid=testman. > > Kind regards > Danny > >> -----Original Message----- >> From: Action Request System discussion list(ARSList) >> [mailto:arslist@ARSLIST.ORG] On Behalf Of Remedy Maniac >> Sent: Tuesday, October 02, 2012 3:50 AM >> To: arslist@ARSLIST.ORG >> Subject: LDAP authentication issue >> >> hi list, >> >> could not find any previous post with the following issue. >> Here is what is in my arplugin.log file >> ... >> 1 <PLGN> <TID: 000005> <RPC ID: 0000000299> <Queue: AREA > >> <Client-RPC: 390695> /* Tue Oct 02 2012 10:40:38.7404 */+VL >> AREAVerifyLoginCallback -- user testman >> 2 <PLGN> <TID: 000005> <RPC ID: 0000000299> <Queue: AREA > >> <Client-RPC: 390695> /* Tue Oct 02 2012 10:40:38.7407 >> */<ARSYS.AREA.LDAP> <FINEST> AREAVerifyLoginCallback >> 3 <PLGN> <TID: 000005> <RPC ID: 0000000299> <Queue: AREA > >> <Client-RPC: 390695> /* Tue Oct 02 2012 10:40:38.7409 >> */<ARSYS.AREA.LDAP> <FINER> ldap_init("hqdcc1.domain.org", 389) >> 4 <PLGN> <TID: 000005> <RPC ID: 0000000299> <Queue: AREA > >> <Client-RPC: 390695> /* Tue Oct 02 2012 10:40:38.7411 >> */<ARSYS.AREA.LDAP> <FINER> connect timeout previously: -1 >> 5 <PLGN> <TID: 000005> <RPC ID: 0000000299> <Queue: AREA > >> <Client-RPC: 390695> /* Tue Oct 02 2012 10:40:38.7413 >> */<ARSYS.AREA.LDAP> <FINER> connect timeout used: 40000 >> 6 <PLGN> <TID: 000005> <RPC ID: 0000000299> <Queue: AREA > >> <Client-RPC: 390695> /* Tue Oct 02 2012 10:40:38.7415 >> */<ARSYS.AREA.LDAP> <FINER> ldap_simple_bind("CN=xsldapro,OU=Service >> Accounts,OU=Location,OU=New Structure,DC=ads,DC=domain,DC=org", hidden) >> 7 <PLGN> <TID: 000005> <RPC ID: 0000000299> <Queue: AREA > >> <Client-RPC: 390695> /* Tue Oct 02 2012 10:40:38.7445 >> */<ARSYS.AREA.LDAP> <FINEST> After the bind >> 8 <PLGN> <TID: 000005> <RPC ID: 0000000299> <Queue: AREA > >> <Client-RPC: 390695> /* Tue Oct 02 2012 10:40:38.7447 >> */<ARSYS.AREA.LDAP> <FINER> ldap_search_ext("dc=ads,dc=domain,dc=org", >> 2, "uid=testman") >> 9 <PLGN> <TID: 000005> <RPC ID: 0000000299> <Queue: AREA > >> <Client-RPC: 390695> /* Tue Oct 02 2012 10:40:43.4920 >> */<ARSYS.AREA.LDAP> <FINE> We do not know the user >> 10 <PLGN> <TID: 000005> <RPC ID: 0000000299> <Queue: AREA > >> <Client-RPC: 390695> /* Tue Oct 02 2012 10:40:43.4923 >> */<ARSYS.AREA.LDAP> <FINER> LicenseMask=1 LicenseWrite=2 LicenseFTS=0 >> LicenseReserved1=0 Notification=3 Email=<NULL> LoginStatus=1 >> ModificationTime=0 >> 11 <PLGN> <TID: 000005> <RPC ID: 0000000299> <Queue: AREA > >> <Client-RPC: 390695> /* Tue Oct 02 2012 10:40:43.4925 >> */<ARSYS.AREA.LDAP> <FINER> Groups=<NULL> >> 12 <PLGN> <TID: 000005> <RPC ID: 0000000299> <Queue: AREA > >> <Client-RPC: 390695> /* Tue Oct 02 2012 10:40:43.4927 >> */-VL FAIL >> <END OF LOG FILE>^@ >> ... >> >> who is this "We" at line 9? >> My config settings are based on what the doc says ('authentication >> chain >> = 'AREA - ARS', cross ref pass is checked also authenticate >> unregistered >> users, RPC port set to 390695) >> The logs show the bind being done (line 7) but then something "does not >> know the user" ... >> any help/tips on what could be wrong is very much appreciated. >> Regards >> Serouche > > > > _______________________________________________________________________________ > UNSUBSCRIBE or access ARSlist Archives at www.arslist.org > attend wwrug12 www.wwrug12.com ARSList: "Where the Answers Are" > _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug12 www.wwrug12.com ARSList: "Where the Answers Are"
