/build/static/layout/Breadcrumb_cap_w.png

LDAP not working for an OU

Me and another guy are domain admins. LDAP has worked well for us. But for some reason, he and I can not log into Kace with our domain accounts. I found that If I move my AD account to a different OU, presto; I can log in. Move it back and no dice.

 

What am I missing here? What do I need to look for?

Asked 12 years ago 1788 views
0 Comments   [ + ] Show comments

Answers (3)

Posted by: jverbosk 12 years ago
Red Belt
0

Are you pointing to the root of the domain or targetting a specific OU in the Search Base DN on the Control Panel > User Authentication > External LDAP Server Authentication > User Server screen? Just for reference, I'm not using the Admin Server or Read-Only Admin Server screens at all (they are defaults with KACE default info in the fields).

For my Search Base DN, I have (for the Company.Net domain):

DC=Company,DC=Net

For my search filter, I have:

(&(&(&(samaccountname=KBOX_USER)(objectclass=user))(department=*))))

I added the department=* as (in my setup) only non-utility user accounts will have this field populated in ADUC, but this might be an idea for something you could try.

Hope something there helps!

John

Posted by: SMal.tmcc 12 years ago
Red Belt
0

Also make sure the ldap user you are attaching with has read rights to all OU's

Posted by: Timi 12 years ago
7th Degree Black Belt
0

Here is a really good article explaining ldap setup with multiple OU's if you are still looking for an answer.

 

http://www.kace.com/support/resources/kb/article/Setting-up-LDAP-Filter-Tips-and-Tricks?action=artikel&cat=55&id=1004&artlang=en

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ