HPE Storage Users Group

A Storage Administrator Community




Post new topic Reply to topic  [ 2 posts ] 
Author Message
 Post subject: LDAP Authentication "Errors while reading config params"
PostPosted: Tue Jun 26, 2012 2:23 am 

Joined: Tue Jun 26, 2012 2:09 am
Posts: 2
Hi
I tried set up AD Authentication. I have checked the info using LDP

No matter what I tried I was unable to get an authentication or an error that shows me the AD authntication was attempted.

below is teh output of "showauthparam"
=======================================
binding sasl
sasl-mechanism GSSAPI
account-obj user
account-name-attr sAMAccountName
ldap-server 138.35.232.120
kerberos-realm OMC.HP.COM
ldap-server-hn DCLSGPKOMC01.omc.hp.com
memberof-attr memberOf
super-map CN=US-WW MMI_NZCS,OU=SSLVPN,OU=Infrastructure,OU=Forest Univer
sal Groups,DC=omc,DC=hp,DC=com
accounts-dn OU=VWXYZ,OU=User Accounts,OU=APJ,OU=Region,DC=omc,DC=hp,DC=com
====================================
 

NZAUHCS3PAR01 cli% checkpassword watsonbl
password:
+ attempting authentication and authorization using system-local data
+ authentication denied: unknown username
+ attempting authentication and authorization using LDAP
+ authentication denied: errors while reading configuration parameters
user abcde is not authenticated or not authorized
NZAUHCS3PAR01 cli%
==============================================

Please note I to the best of my knowledge the OU and DC info are correct for the DN & CN. I tried removing "super-map" expected some kind of authentication fail or group does not exisit or similar. But always getting "Error reading configuratioon parameters"

Note I don't have an NTP yet not sure that will give this error.

Any help is really appreciated

THANKS
Nagaraj


Top
 Profile  
Reply with quote  
 Post subject: Re: LDAP Authentication "Errors while reading config params"
PostPosted: Thu Jun 28, 2012 8:56 am 
Site Admin
User avatar

Joined: Tue Aug 18, 2009 10:35 pm
Posts: 1328
Location: Dallas, Texas
So general checks:

Make sure your ldap-server-hn reverse lookups to your ldap-server IP address in DNS.
Make sure your kerberos-realm matches AD (its case sensitive)
Make sure your username is in the OU you specified in accounts-dn

_________________
Richard Siemers
The views and opinions expressed are my own and do not necessarily reflect those of my employer.


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 2 posts ] 


Who is online

Users browsing this forum: No registered users and 31 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group | DVGFX2 by: Matt