Can't connect to Microsoft Active Directory

lneves

Hi.
I've tried several settings, but I can't connect xormon to my AD, here's the error I get:
Connecting to host: dcldap.mch.moc.sgps/10.126.26.47:389
org.springframework.ldap.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090453, comment: AcceptSecurityContext error, data 52e, v3839]; nested exception is javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090453, comment: AcceptSecurityContext error, data 52e, v3839]

LDAP setup test result: FAIL
User could not be authenticated to directory service. Please verify entered user credentials and username format so it corresponds to User Filter Attribute.

In the User Filter Attribute field, I've tried sAMAccountName and userPrincipalName, but the result is always the same.

Can you help me?

Thanks.
Luis Neves

TomasJetelina

check entered DNs, try to get properties with something like (replace values to match your AD):

ldapsearch -LLL -H ldap://10.126.26.47 -D 'DOMAIN\USERNAME' -W -x -b 'dc=mch,dc=moc,dc=sgps' '(&(objectClass=user)(sAMAccountName=USERNAME))'

lneves

Thanks TomasJetelina.
I've managed to configure AD.
But I can't log in with an AD user, I went to Settings ➡ Groups and under LDAP groups, I selected the admins and in the LDAP groups I selected the group I wanted, and save.
But when logging in it always gives user or password error.

TomasJetelina

Have you tried the same username as when you tested LDAP settings before save?

lneves

I tryed a user name that is in the group selected MCH-SYS-ADmins

TomasJetelina

there is pending fix for '+' character in login form, if this is not your issue send us Xormon logs:

Note a short problem description in the text field of the upload form.

# replace lpar2rrd user with user home under which XorMon runs

cd /home/lpar2rrd/xormon-data

tar cvf logs.tar logs

gzip -9 logs.tar

Send us logs.tar.gz via https://upload.lpar2rrd.com