Hi
I've deployed 2.0.3 from the OVA, and configured up LDAP with a service
account, which is lovely and everything works.
The first time I tried to test the authentication for a test user account
it worked fine. I then tried using my domain account, and get "user found",
but "invalid credentials"
MessageType : BIND_RESPONSE
Message ID : 5
BindResponse
Ldap Result
Result code : (INVALID_CREDENTIALS) invalidCredentials
Matched Dn : ''
Diagnostic message : '80090308: LdapErr: DSID-0C0903D0, comment:
AcceptSecurityContext error, data 52e, v2580'
Interesting, I think. The credentials are *definitely* correct, so I have a
look into the logs on the domain controller and see that it's passing the
username of the test user but (presumably) the correct password data. If I
look further down the test page I can see that all the details (display
name, UPN etc) are indeed those of the test user account initially tried.
So it looks like the username is being registered somewhere - any ideas
where I should check for this, and how I prevent this from happening
(because it looks to be doing the same when an LDAP user tries to login -
the test user account gets locked out in AD regardless of the username
entered).
Thanks!
--
You received this message because you are subscribed to the Google Groups
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/graylog2/9e01c312-2b88-48c6-9786-e52dbe41ca6e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
