This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

LDAP authencation help

I am trying to authenticate ASL with Windows 2003 server AD through LDAP but can't get it to work.  Here is my LDAP setup on ASL:
  Status:     Enable
  LDAP Type:    Active Directory
  Unique User Attribute:   userPrincipalName
  IP Address:    192.168.0.x
  TCP Port:   389
  Bind DN:    cn=administrator, cn=Users, dc=domain, dc=com
  Base DN:   dc=domain, dc=com
  Password:   xxxxxxx

I am not sure what I am doing wrong.  I just get this to work with Win2k3 Active Directory.  Any help would be appriceated.  I am using ASL firewall 5.010

Thanks!!!! [:S]

This thread was automatically locked due to age.

Parents

0 Truth over 21 years ago

Hi there...

I think the problem is, that you say that the UniqueUserName are UPN (User Prinicpal Name)..

UPN = user@domain.tl
SAM= cn=user, cn=users, dc=domain, dc=tl

Try it and let me know if they work...

Read more about it on the ASL v5.0 Manual since Site 86-95
Cancel
Vote Up 0 Vote Down

Cancel
0 Truth over 21 years ago in reply to Truth

I have the same problem and i have try to make with both Types, UPN and DN, but both doesnt work and when i know why, i was very happy.. ;-)(

My Configuration look like this...

ldap Type: Active Directory
Unique User Attribute: userPrincipalName
IP Address: 172.18.2.1
TCP Port: 389
Bind DN: administrator@nexsystems.ch
Base DN: dc=nexsystems, dc=ch
Password: xxxxxxx

I have also enable and configure the DNS Proxy like the manual..

DNS Proxy listen on: Internal_Interface
Allowed Networks: any
Forwarded NS: 172.18.2.1, 172.18.2.2

I know, that i must not give the Administrator to query the ADS, but when it works, then i change the account...

Can someone help us, that the ADS LDAP Connect works properly?

Here is the Protcol from authentication....

2004:06:09-07:05:15 (none) aua[569]: flushing cache
2004:06:09-07:05:15 (none) aua[14650]: LOCAL method failed U:lauced@nexsystems.ch
2004:06:09-07:05:15 (none) aua[14650]: U:lauced@nexsystems.ch F:webadmin R[[[[:D]]]]ENY
2004:06:09-08:15:16 (none) aua[569]: flushing cache
2004:06:09-08:15:16 (none) aua[15254]: U:admin F:webadmin R[:$]K C:auth by aua.local
2004:06:09-08:18:49 (none) aua[569]: flushing cache and re-reading config
2004:06:09-08:19:15 (none) aua[15377]: LOCAL method failed U:lauced@nexsystems.ch
2004:06:09-08:19:15 (none) aua[15377]: U:lauced@nexsystems.ch F:webadmin R[[[[:D]]]]ENY
2004:06:09-08:20:04 (none) aua[15411]: U:admin F:webadmin R[:$]K C:auth by aua.local
2004:06:09-08:21:32 (none) aua[569]: flushing cache and re-reading config
2004:06:09-08:22:09 (none) aua[15550]: LOCAL method failed U:lauced@nexsystems.ch
2004:06:09-08:22:10 (none) aua[15550]: LDAP method failed U: lauced@nexsystems.ch
2004:06:09-08:22:10 (none) aua[15550]: U:lauced@nexsystems.ch F:webadmin R[[[[:D]]]]ENY
2004:06:09-08:25:48 (none) aua[15599]: LOCAL method failed U:truth@nexsystems.ch
2004:06:09-08:25:48 (none) aua[15599]: LDAP method failed U: truth@nexsystems.ch
2004:06:09-08:25:48 (none) aua[15599]: U:truth@nexsystems.ch F:webadmin R[[[[:D]]]]ENY
2004:06:09-08:26:00 (none) aua[15606]: U:admin F:webadmin R[:$]K C:auth by aua.local
2004:06:09-08:27:16 (none) aua[569]: flushing cache and re-reading config

Thanks a lot for your help and sorry for my english.. ;-)
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Truth over 21 years ago in reply to Truth

I have the same problem and i have try to make with both Types, UPN and DN, but both doesnt work and when i know why, i was very happy.. ;-)(

My Configuration look like this...

ldap Type: Active Directory
Unique User Attribute: userPrincipalName
IP Address: 172.18.2.1
TCP Port: 389
Bind DN: administrator@nexsystems.ch
Base DN: dc=nexsystems, dc=ch
Password: xxxxxxx

I have also enable and configure the DNS Proxy like the manual..

DNS Proxy listen on: Internal_Interface
Allowed Networks: any
Forwarded NS: 172.18.2.1, 172.18.2.2

I know, that i must not give the Administrator to query the ADS, but when it works, then i change the account...

Can someone help us, that the ADS LDAP Connect works properly?

Here is the Protcol from authentication....

2004:06:09-07:05:15 (none) aua[569]: flushing cache
2004:06:09-07:05:15 (none) aua[14650]: LOCAL method failed U:lauced@nexsystems.ch
2004:06:09-07:05:15 (none) aua[14650]: U:lauced@nexsystems.ch F:webadmin R[[[[:D]]]]ENY
2004:06:09-08:15:16 (none) aua[569]: flushing cache
2004:06:09-08:15:16 (none) aua[15254]: U:admin F:webadmin R[:$]K C:auth by aua.local
2004:06:09-08:18:49 (none) aua[569]: flushing cache and re-reading config
2004:06:09-08:19:15 (none) aua[15377]: LOCAL method failed U:lauced@nexsystems.ch
2004:06:09-08:19:15 (none) aua[15377]: U:lauced@nexsystems.ch F:webadmin R[[[[:D]]]]ENY
2004:06:09-08:20:04 (none) aua[15411]: U:admin F:webadmin R[:$]K C:auth by aua.local
2004:06:09-08:21:32 (none) aua[569]: flushing cache and re-reading config
2004:06:09-08:22:09 (none) aua[15550]: LOCAL method failed U:lauced@nexsystems.ch
2004:06:09-08:22:10 (none) aua[15550]: LDAP method failed U: lauced@nexsystems.ch
2004:06:09-08:22:10 (none) aua[15550]: U:lauced@nexsystems.ch F:webadmin R[[[[:D]]]]ENY
2004:06:09-08:25:48 (none) aua[15599]: LOCAL method failed U:truth@nexsystems.ch
2004:06:09-08:25:48 (none) aua[15599]: LDAP method failed U: truth@nexsystems.ch
2004:06:09-08:25:48 (none) aua[15599]: U:truth@nexsystems.ch F:webadmin R[[[[:D]]]]ENY
2004:06:09-08:26:00 (none) aua[15606]: U:admin F:webadmin R[:$]K C:auth by aua.local
2004:06:09-08:27:16 (none) aua[569]: flushing cache and re-reading config

Thanks a lot for your help and sorry for my english.. ;-)
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data