[sipx-users] LDAP Auth problem with AD

Mon, 19 Sep 2011 09:03:02 -0700 

Hi All

I have setup LDAP integration and my users are being imported fine. But my 
users are unable to log into the user webpage with AD username and password. I 
have read up about some problems other people have been having but I am not 
sure I am getting the same problem.

I will explain my configuration, using my user account as an example.

AD Settings:
Username: stephen.barry
Password: letmein123
ipPhone: 5397

I have set my import mappings as follows:

User ID:                sAMAccountName
Alias:                     5397

Searchbase: OU=Users,OU=Resources,DC=system,DC=ads (which is where my account 
resides.)
Filter: memberOf=CN=Voicemail Users,OU=Groups,OU=Resources,DC=system,DC=ads

My user account is imported as expected with username stephen.barry and Alias 
5397 which will be the extension I need voicemail for.

I have tried setting Auth Options to LDAP only and LDAP & PIN, either way I 
cannot log in as username stephen.barry and password letmein123, with the 
latter option (LDAP & PIN) I am able to log in with stephen.barry and PIN 
123456 which is my default PIN setup in the LDAP import screen.

I have captured traffic on the network and I am not seeing an LDAP bind, which 
is how I believe it authenticates the user.

This is what I see in wireshark

3              2.723075              192.168.41.91     192.168.41.30     LDAP   
  searchRequest(13) "<ROOT>" baseObject
6              2.723686              192.168.41.30     192.168.41.91     LDAP   
  searchResEntry(13) "<ROOT>"  | searchResDone(13) success  [1 result]
8              2.724477              192.168.41.91     192.168.41.30     LDAP   
  searchRequest(4) "CN=Stephen Barry,OU=Users,OU=Resources,DC=system,DC=ads" 
baseObject
12           2.725301              192.168.41.30     192.168.41.91     LDAP     
searchResEntry(4) "CN=Stephen Barry,OU=Users,OU=Resources,DC=system,DC=ads"

I have looked at several posts, some mention issues with searching sub-trees, 
but I do not believe this is my issues as my user is in the OU that is the same 
as the search filter.

I am not using TLS.

Does anyone have an ideas what should be going on and why it might not be 
working.

Thanks in advance.

Steve



_______________________________________________
sipx-users mailing list
[email protected]
List Archive: http://list.sipfoundry.org/archive/sipx-users/

Reply via email to