[Check_mk (english)] Unable to connect to ldap server

Micah Figone micah at uber.com
Fri Feb 20 00:11:23 CET 2015


Still no luck...

Verified creds, set user DN to dc=domain,dc=com and put a search filter
of (&(objectclass=inetOrgPerson)(memberOf=cn=employees,ou=Groups,dc=domain,dc=com))

Still getting the same error....


--
Micah Figone

Senior Systems Engineer
Uber

On Thu, Feb 19, 2015 at 2:57 PM, Kris Lou <klou at themusiclink.net> wrote:

> Bind at the highest level, but use the search filter to narrow the
> acceptable scope.  I.E bind to CN=Users, but allow only CN=Domain Admins.
>
> My search filter
> is (&(objectclass=user)(objectcategory=person)(memberof=cn=Domain
> Admins,cn=Users,dc=xxxx,dc=xxxx))
>
>
> Kris Lou
> klou at themusiclink.net
>
> On Thu, Feb 19, 2015 at 2:45 PM, Micah Figone <micah at uber.com> wrote:
>
>> Ok. So that might be the issue. The User Base DN is a different OU then
>> the bind user is in.... Anyone know of a way to get it to accept that? I
>> dont want to have users not in my specified users dn to be able to login...
>>
>>
>> --
>> Micah Figone
>>
>> Senior Systems Engineer
>> Uber
>>
>> On Thu, Feb 19, 2015 at 2:00 PM, James Holden <jamesh at comrad.co.nz>
>> wrote:
>>
>>>  Can you use an LDAP Browser to ensure your Base DN and User DN are
>>> right with the LDAP user you are using to bind with?
>>>
>>>  My Bind Credentials look like;
>>>
>>>  CN=monitoring,OU=XXXXXX,OU=XXXXXX,DC=XXXXX,DC=local
>>>
>>> Where ‘monitoring’ is my LDAP user account etc
>>>
>>>
>>>    *James Holden*
>>>  Senior Technology Services Engineer
>>>  *________________________
>>> ____                                                    _____        *
>>>  *COMRAD.*
>>>  *Radiology Information Solutions*
>>>
>>> M: +64 029 770 1295
>>> P:  +64 3 353 1444
>>> F:  +64 3 379 8465
>>> E:  jamesh at comrad.co.nz
>>>
>>>  www.comrad.co.nz
>>>
>>>
>>>
>>> Comrad Medical Systems Ltd
>>>
>>> PO Box 36-215
>>>
>>> Level 1, 225 Papanui Road
>>>
>>> Merivale, Christchurch 8014
>>>
>>> New Zealand
>>>
>>>
>>>
>>> *CONFIDENTIALITY NOTICE*
>>>
>>> This email and any files transmitted with it are confidential and
>>> intended solely for the use of the addressee(s).  If you are not the
>>> intended recipient, any disclosure, copying, distribution or use of the
>>> contents of this information is prohibited.  If you have received this
>>> email in error, please notify the sender and destroy all electronic and
>>> hard copies of the communication, including any attachments immediately.
>>> The integrity and security of email cannot be guaranteed on the Internet.
>>> Comrad Medical Systems Ltd therefore takes no liability for any damages
>>> caused or alleged to be caused as a result of errors or omissions in the
>>> content of this message or any attachments, or by any other file corruption
>>> or virus that might be transmitted via this email.
>>>
>>>   From: Micah Figone
>>> Date: Friday, 20 February 2015 10:49 am
>>> To: checkmk-en
>>> Subject: [Check_mk (english)] Unable to connect to ldap server
>>>
>>>   I have verified that I can connect to the ip and port from the
>>> check_mk box. But when I try to setup the LDAP server from the UI it says
>>> that it fails to connect...
>>>
>>>  From the debug log:
>>>
>>>  2015-02-19 13:44:25 LDAP_BIND cn=user,ou=Services,dc=domain,dc=com
>>>
>>> 2015-02-19 13:44:26   FAILED ({'info': '(unknown error code)', 'desc':
>>> "Can't contact LDAP server"})
>>>    Any suggestions?
>>>
>>>
>>>  --
>>> Micah Figone
>>>
>>>  Senior Systems Engineer
>>> Uber
>>>
>>
>>
>> _______________________________________________
>> checkmk-en mailing list
>> checkmk-en at lists.mathias-kettner.de
>> http://lists.mathias-kettner.de/mailman/listinfo/checkmk-en
>>
>>
>
> _______________________________________________
> checkmk-en mailing list
> checkmk-en at lists.mathias-kettner.de
> http://lists.mathias-kettner.de/mailman/listinfo/checkmk-en
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mathias-kettner.de/pipermail/checkmk-en/attachments/20150219/04ef03ea/attachment.html>


More information about the checkmk-en mailing list