The bit about "Matched DN : '' " suggests that something about your LDAP
configuration is incorrect and it's not finding your users. You may have
it searching for the wrong field or the wrong AD branch. Ours has 'user
search pattern' set to
(&(objectClass=user)(sAMAccountName={0}))
and the Display Name attribute is "displayName".
We also have the 'Search Base DN' set to the art of the tree where user
accounts live, IE "OU=Champaign,DC=company,DC=com"
I am assuming you've used that big orange 'test server connection' button
to verify your graylog is using the correct LDAP server port and encryption
type. (Ours is port 389 with no ssl or tls.) This would also verify your
System Username is a valid DN allowed to search the tree. Ours looks like
(I'm serious, I didn't set this up):
CN=Buggs Bunny,OU=TestAccounts2,OU=Champaign,DC=company,DC=com
On Tue, Jan 19, 2016 at 9:29 AM, <[email protected]> wrote:
> Hello,
>
> we've tried to connect out Graylog server to our Active-directory but
> every time someone trys to sign in Graylog try to sign in a different user.
> This user is always the same one, the error says invalid credentials, and
> match the LDAP attributes for this different user...
> Any idea what we could do?
>
>
> MessageType : BIND_RESPONSE
> Message ID : 27
> BindResponse
> Ldap Result
> Result code : (INVALID_CREDENTIALS) invalidCredentials
> Matched Dn : ''
> Diagnostic message : '80090308: LdapErr: DSID-0C0903C8, comment:
> AcceptSecurityContext error, data 52e, v2580
>
>
>
> Thanks in advance,
> Greetings
>
> --
> You received this message because you are subscribed to the Google Groups
> "Graylog Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/graylog2/99bc7f0b-7cac-40f4-ad9a-f141151f012c%40googlegroups.com
> <https://groups.google.com/d/msgid/graylog2/99bc7f0b-7cac-40f4-ad9a-f141151f012c%40googlegroups.com?utm_medium=email&utm_source=footer>
> .
> For more options, visit https://groups.google.com/d/optout.
>
--
No matter what we think of Linux versus FreeBSD, etc., the one thing I
really like about Linux is that it has Microsoft worried. Anything
that kicks a monopoly in the pants has got to be good for something.
- Chris Johnson
--
You received this message because you are subscribed to the Google Groups
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/graylog2/CAL5rfGWMtGJCS3WnA4BcM-Q-B-KZyW6BbPuA8_mDateb_zFXCw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
