Trying to get LDAP to work with AD

Started by chillyw13, March 31, 2017, 05:05:50 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

chillyw13

March 31, 2017, 05:05:50 PM
Not sure if I understand fully what this is supposed to accomplish.  My understanding is that it will add users from my AD domain into Netxms, correct?  I have put everything into the settings according to the docs, but I never see my users populate.  I greped my log files and see no errors.  Just wondering if I am looking at this correctly or not.

Tursiops

#1
April 01, 2017, 08:13:19 AM
We're using LDAP/AD and it works fine.
What does your NetXMS server configuration look like? Does it have access to your domain controller (firewall or user authentication issues)? Are your search base and filter correct? Does your SyncUser exist?
Can you show us your existing configuration (of course without providing usernames/passwords)?

chillyw13

#2
April 04, 2017, 08:19:12 PM
No firewall.  Attached is my config.

devportal

#3
April 04, 2017, 08:32:24 PM
try this:
set       LdapMappingName to sAMAccountName
           LdapMappingFullName to displayName
           LdapMappingDescription to description
           LdapGroupClass to group
           LdapSearchFilter to (objectClass=user)

chillyw13

#4
April 05, 2017, 05:22:20 PM Last Edit: April 05, 2017, 05:46:36 PM by chillyw13
Ok, I set those per your post, still not seeing anything.  Are my domain users supposed to show up in the user manager?  If I am supposed to add them in, how do I select AD authentication?  Still trying to figure out how to know this is working.  I should also note that I started the server in debug mode (-D9) and there are no errors for ldap.  Of course there is nothing there for anything ldap.  It's like it's not even trying to connect.  I know openldap is running: Started LSB: OpenLDAP standalone server (Lightweight Directory Access Protocol).

chillyw13

#5
April 05, 2017, 06:07:42 PM
Woohoo!!  Finally got it working!  Thanks for the response as that got me pointed in the right direction. 

chillyw13

#6
April 05, 2017, 06:19:32 PM
One last thing to add to this.  I have assigned my AD account with admin group membership.  I even set my account with full access.  I can indeed get to everything in the menu.  however, the object browser does not show anything.  Nothing.  It's completely blank.  Is there something I missed?

Victor Kirhenshtein

#7
April 09, 2017, 12:34:35 PM
Hi,

you have to add object access rights as well. They are assigned in object properties. You can also add your users to Admins group - it should have all object rights assignments already.

Best regards,
Victor
Print
Go Up Pages1
User actions