I've also just reconfigured to point to one domain instead of the GC forest (ie ActiveDirectory port 389) and reconfigured accordingly. Made no difference - it still can create new accounts on first login attempt, but the user still sees "credentials are invalid" and the backend still can't get any group information - with the filter set to "(objectClass=group)". As before, removing the filter entirely allows the user to log in - but they can't do anything as you need the LDAP groups to have come through and they haven't. The logs still report the error
"ERR_04486_VALUE_ALREADY_EXISTS The value '20150319215008.0Z' already exists in the attribute (dSCorePropagationData)" ...so that might be the problem -- Cheers Jason Haar Corporate Information Security Manager, Trimble Navigation Ltd. Phone: +1 408 481 8171 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/55F0DCD9.6050308%40trimble.com. For more options, visit https://groups.google.com/d/optout.
