[Check_mk (english)] Unable to connect to ldap server

Kris Lou klou at themusiclink.net
Thu Feb 19 23:57:46 CET 2015


Bind at the highest level, but use the search filter to narrow the
acceptable scope.  I.E bind to CN=Users, but allow only CN=Domain Admins.

My search filter
is (&(objectclass=user)(objectcategory=person)(memberof=cn=Domain
Admins,cn=Users,dc=xxxx,dc=xxxx))


Kris Lou
klou at themusiclink.net

On Thu, Feb 19, 2015 at 2:45 PM, Micah Figone <micah at uber.com> wrote:

> Ok. So that might be the issue. The User Base DN is a different OU then
> the bind user is in.... Anyone know of a way to get it to accept that? I
> dont want to have users not in my specified users dn to be able to login...
>
>
> --
> Micah Figone
>
> Senior Systems Engineer
> Uber
>
> On Thu, Feb 19, 2015 at 2:00 PM, James Holden <jamesh at comrad.co.nz> wrote:
>
>>  Can you use an LDAP Browser to ensure your Base DN and User DN are
>> right with the LDAP user you are using to bind with?
>>
>>  My Bind Credentials look like;
>>
>>  CN=monitoring,OU=XXXXXX,OU=XXXXXX,DC=XXXXX,DC=local
>>
>> Where ‘monitoring’ is my LDAP user account etc
>>
>>
>>    *James Holden*
>>  Senior Technology Services Engineer
>>  *________________________
>> ____                                                    _____        *
>>  *COMRAD.*
>>  *Radiology Information Solutions*
>>
>> M: +64 029 770 1295
>> P:  +64 3 353 1444
>> F:  +64 3 379 8465
>> E:  jamesh at comrad.co.nz
>>
>>  www.comrad.co.nz
>>
>>
>>
>> Comrad Medical Systems Ltd
>>
>> PO Box 36-215
>>
>> Level 1, 225 Papanui Road
>>
>> Merivale, Christchurch 8014
>>
>> New Zealand
>>
>>
>>
>> *CONFIDENTIALITY NOTICE*
>>
>> This email and any files transmitted with it are confidential and
>> intended solely for the use of the addressee(s).  If you are not the
>> intended recipient, any disclosure, copying, distribution or use of the
>> contents of this information is prohibited.  If you have received this
>> email in error, please notify the sender and destroy all electronic and
>> hard copies of the communication, including any attachments immediately.
>> The integrity and security of email cannot be guaranteed on the Internet.
>> Comrad Medical Systems Ltd therefore takes no liability for any damages
>> caused or alleged to be caused as a result of errors or omissions in the
>> content of this message or any attachments, or by any other file corruption
>> or virus that might be transmitted via this email.
>>
>>   From: Micah Figone
>> Date: Friday, 20 February 2015 10:49 am
>> To: checkmk-en
>> Subject: [Check_mk (english)] Unable to connect to ldap server
>>
>>   I have verified that I can connect to the ip and port from the
>> check_mk box. But when I try to setup the LDAP server from the UI it says
>> that it fails to connect...
>>
>>  From the debug log:
>>
>>  2015-02-19 13:44:25 LDAP_BIND cn=user,ou=Services,dc=domain,dc=com
>>
>> 2015-02-19 13:44:26   FAILED ({'info': '(unknown error code)', 'desc':
>> "Can't contact LDAP server"})
>>    Any suggestions?
>>
>>
>>  --
>> Micah Figone
>>
>>  Senior Systems Engineer
>> Uber
>>
>
>
> _______________________________________________
> checkmk-en mailing list
> checkmk-en at lists.mathias-kettner.de
> http://lists.mathias-kettner.de/mailman/listinfo/checkmk-en
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mathias-kettner.de/pipermail/checkmk-en/attachments/20150219/335d5ed0/attachment-0001.html>


More information about the checkmk-en mailing list