HPE Storage Users Group https://3parug.net/ |
|
LDAP Authentication "Errors while reading config params" https://3parug.net/viewtopic.php?f=17&t=165 |
Page 1 of 1 |
Author: | nznagaraj [ Tue Jun 26, 2012 2:23 am ] |
Post subject: | LDAP Authentication "Errors while reading config params" |
Hi I tried set up AD Authentication. I have checked the info using LDP No matter what I tried I was unable to get an authentication or an error that shows me the AD authntication was attempted. below is teh output of "showauthparam" ======================================= binding sasl sasl-mechanism GSSAPI account-obj user account-name-attr sAMAccountName ldap-server 138.35.232.120 kerberos-realm OMC.HP.COM ldap-server-hn DCLSGPKOMC01.omc.hp.com memberof-attr memberOf super-map CN=US-WW MMI_NZCS,OU=SSLVPN,OU=Infrastructure,OU=Forest Univer sal Groups,DC=omc,DC=hp,DC=com accounts-dn OU=VWXYZ,OU=User Accounts,OU=APJ,OU=Region,DC=omc,DC=hp,DC=com ==================================== NZAUHCS3PAR01 cli% checkpassword watsonbl password: + attempting authentication and authorization using system-local data + authentication denied: unknown username + attempting authentication and authorization using LDAP + authentication denied: errors while reading configuration parameters user abcde is not authenticated or not authorized NZAUHCS3PAR01 cli% ============================================== Please note I to the best of my knowledge the OU and DC info are correct for the DN & CN. I tried removing "super-map" expected some kind of authentication fail or group does not exisit or similar. But always getting "Error reading configuratioon parameters" Note I don't have an NTP yet not sure that will give this error. Any help is really appreciated THANKS Nagaraj |
Author: | Richard Siemers [ Thu Jun 28, 2012 8:56 am ] |
Post subject: | Re: LDAP Authentication "Errors while reading config params" |
So general checks: Make sure your ldap-server-hn reverse lookups to your ldap-server IP address in DNS. Make sure your kerberos-realm matches AD (its case sensitive) Make sure your username is in the OU you specified in accounts-dn |
Page 1 of 1 | All times are UTC - 5 hours |
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group http://www.phpbb.com/ |