Text only | Text with Images

NetXMS Support Forum

English Support => General Support => Topic started by: chillyw13 on March 31, 2017, 05:05:50 PM

Title: Trying to get LDAP to work with AD
Post by: chillyw13 on March 31, 2017, 05:05:50 PM
Not sure if I understand fully what this is supposed to accomplish.  My understanding is that it will add users from my AD domain into Netxms, correct?  I have put everything into the settings according to the docs, but I never see my users populate.  I greped my log files and see no errors.  Just wondering if I am looking at this correctly or not.
Title: Re: Trying to get LDAP to work with AD
Post by: Tursiops on April 01, 2017, 08:13:19 AM
We're using LDAP/AD and it works fine.
What does your NetXMS server configuration look like? Does it have access to your domain controller (firewall or user authentication issues)? Are your search base and filter correct? Does your SyncUser exist?
Can you show us your existing configuration (of course without providing usernames/passwords)?
Title: Re: Trying to get LDAP to work with AD
Post by: chillyw13 on April 04, 2017, 08:19:12 PM
No firewall.  Attached is my config.

Title: Re: Trying to get LDAP to work with AD
Post by: devportal on April 04, 2017, 08:32:24 PM
try this:
set       LdapMappingName to sAMAccountName
           LdapMappingFullName to displayName
           LdapMappingDescription to description
           LdapGroupClass to group
           LdapSearchFilter to (objectClass=user)
Title: Re: Trying to get LDAP to work with AD
Post by: chillyw13 on April 05, 2017, 05:22:20 PM
Ok, I set those per your post, still not seeing anything.  Are my domain users supposed to show up in the user manager?  If I am supposed to add them in, how do I select AD authentication?  Still trying to figure out how to know this is working.  I should also note that I started the server in debug mode (-D9) and there are no errors for ldap.  Of course there is nothing there for anything ldap.  It's like it's not even trying to connect.  I know openldap is running: Started LSB: OpenLDAP standalone server (Lightweight Directory Access Protocol).
Title: Re: Trying to get LDAP to work with AD
Post by: chillyw13 on April 05, 2017, 06:07:42 PM
Woohoo!!  Finally got it working!  Thanks for the response as that got me pointed in the right direction. 
Title: Re: Trying to get LDAP to work with AD
Post by: chillyw13 on April 05, 2017, 06:19:32 PM
One last thing to add to this.  I have assigned my AD account with admin group membership.  I even set my account with full access.  I can indeed get to everything in the menu.  however, the object browser does not show anything.  Nothing.  It's completely blank.  Is there something I missed?
Title: Re: Trying to get LDAP to work with AD
Post by: Victor Kirhenshtein on April 09, 2017, 12:34:35 PM
Hi,

you have to add object access rights as well. They are assigned in object properties. You can also add your users to Admins group - it should have all object rights assignments already.

Best regards,
Victor
Text only | Text with Images