LDAP and Active Directory

chazzers23 · 2008-11-17 22:54:09

Hi,

I do a test connection of LDAP directory and it tells me the test is successful but when trying to import users into the database, I have a problem. Can someone point me in the right direction on how to correctly import users?? Thanks!

wawa · 2008-11-18 10:32:55

no info about your config, no answer !

chazzers23 · 2008-11-18 15:02:16

I apologize, did I forget to include that?

Here is my config:

Server: ldap://192.168.1.24
Basedn: DC=chsad_1,DC=chsdomain,DC=edu
LDAP Port: 389
rootdn: CN=glpiuser,CN=users,DC=chsdomain,DC=edu
Connection filter: ((&(objectClass=user)(objectCategory=person))
Pass: ********
Login Field: samaccountname
TLS: No
Time Zone: -2

User attribute containing its groups: memberof
Search Type: Users and Groups
Filter to search in groups: (objectclass=group)
Use DN in the search: YES

Surname:sn
First Name: givenname
Email: mail
Phone: telephonenumber
Phone 2: homephone

AD: W2K

Test was successful to LDAP connection.

chazzers23 · 2008-11-18 18:43:09

I also have GLPI Version .70.2
and PHP5

peetz · 2008-11-18 23:17:06

What happens when you want to logon with a AD User? Any Error?

chazzers23 · 2008-11-19 04:35:27

It gives this output:

unknown user
unsuccessful authorization in LDAP 

Could it be the structure of the AD?

I don't have all my users on my network under the container "Users". I have created separate OU's for each of my users.

Last edited by chazzers23 (2008-11-19 04:42:00)

wawa · 2008-11-19 08:57:42

hello
can you connect with your glpiuser with a browser like browser editor ?

chazzers23 · 2008-11-19 18:17:47

I was unaware you can do that.

I downloaded LDAP browser and used the same server, baseDN and userDN as I used in GLPI.
I got this result in the error Log:

09:47:16 AM: List failed
Root error: [LDAP: error code 32 - 0000208D: NameErr: DSID-031001BD, problem 2001 (NO_OBJECT), data 0, best match of:
'DC=chsdomain,DC=edu'

Can anyone tell me what's going on?

Thanks in advance.

wawa · 2008-11-19 18:22:42

well your problem is that you ldap user cannot connect to the directory...
if you're sure your user is ok, maybe you'be got an AD restriction somewhere...
it goes far beyond my knowledges in active directory, sorry

chazzers23 · 2008-11-19 21:43:03

Thank you for all your suggestions! It was a great help! I have finally found my problem once I was able to troubleshoot a bit with the LDAP Browser. My problems lied within the Connection filter portion of my configuration and the baseDN.

For the connection filter, I left it blank
For my baseDN, I was using the computer name then my DC info, which was incorrect. Once I knew the correct OU/CN to plug in I was importing away.

Thanks guys for pointing me in the right direction!

wawa · 2008-11-19 21:45:35

you're welcome !
I close the thread.

Forum GLPI-Project

Announcement

#1 2008-11-17 22:54:09

LDAP and Active Directory

#2 2008-11-18 10:32:55

Re: LDAP and Active Directory

#3 2008-11-18 15:02:16

Re: LDAP and Active Directory

#4 2008-11-18 18:43:09

Re: LDAP and Active Directory

#5 2008-11-18 23:17:06

Re: LDAP and Active Directory

#6 2008-11-19 04:35:27

Re: LDAP and Active Directory

#7 2008-11-19 08:57:42

Re: LDAP and Active Directory

#8 2008-11-19 18:17:47

Re: LDAP and Active Directory

#9 2008-11-19 18:22:42

Re: LDAP and Active Directory

#10 2008-11-19 21:43:03

Re: LDAP and Active Directory

#11 2008-11-19 21:45:35

Re: LDAP and Active Directory

Board footer