Logscape Support

Members Login
Username 
 
Password 
    Remember Me  
Post Info TOPIC: ldap/active directory


Member

Status: Offline
Posts: 10
Date:
ldap/active directory
Permalink  
 


Testing Directory Config

Context:DC=xxx,DC=xxxxxxx,DC=com Role: User:OU=Users,OU=xxxx

Env:{java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.provider.url=ldap://xxxxxxxxx:389, java.naming.security.principal=_unixxxxxx_service@xxxxxxxxxx, java.naming.security.authentication=simple}

Starting

GetUserIds

Retrieved:45 User Ids

TEST PASSED

 

Ok, so this part worked (took all day to get it there...)

Now how do I actually import the 45 users?



__________________


Senior Member

Status: Offline
Posts: 100
Date:
Permalink  
 

Can you post a grab of the config screen?

Rgds,
N

__________________
ZG


Veteran Member

Status: Offline
Posts: 60
Date:
Permalink  
 

Hi Chad,

Once you've tested that your LDAP configuration is retrieving users. Click [Save], then change your settings from DEFAULT to EXTERNAL_LDAP, then click [APPLY]. Once you have done this you will have your LDAP/Active Directory users imported.

Click on the USERS and you will find the 45 users listed. You can now either modify the permissions of the users or login using your Active Directory credentials.

Regards,

ZG.

__________________


Member

Status: Offline
Posts: 10
Date:
Permalink  
 

Ok, one step closer... I see users now.  Unfortunately, I can't login using my account.  The one thing to note here... we are using Centrify and it uses kerberos to AD... this might be the issue, not sure.

 

All the same, thanks for the progress.

NOTE*** ALSO, I had to use <account>@domain instead DN for the bind account ... for some reason the DN never worked.



__________________
ZG


Veteran Member

Status: Offline
Posts: 60
Date:
Permalink  
 

Hi Chad,

Sign into Logscape using your sAMAccountName. You can not use your userPrincipalName to login since only the sAMAccount is imported into Logscape. The DN for the bind a/c can also be used. This should be the full path of the bind user a/c. You could use a tool like ApacheDirectoryServices or the AD snapin to browse your LDAP tree and verify your configuration.


If you've done all of the above and you still can not log in could you zip your agent.log and send it to support@logscape.com and someone will take a look.

Regards,

ZG.

NOTE: You can change the uid for Directory Service implementation by setting -Dldap.user.field in the boot.properties. ( Defaults are uid for OpenLDAP , sAMAccountName for Active Directory. )

__________________


Member

Status: Offline
Posts: 10
Date:
Permalink  
 

We finally got it working.. Centrfy was totally screwing with things, but now its working. 

 

Thanks a ton for the help.

 



__________________
Page 1 of 1  sorted by
 
Quick Reply

Please log in to post quick replies.



Create your own FREE Forum
Report Abuse
Powered by ActiveBoard