Can't connect to Microsoft Active Directory

Hi.
I've tried several settings, but I can't connect xormon to my AD, here's the error I get:
Connecting to host: dcldap.mch.moc.sgps/10.126.26.47:389
org.springframework.ldap.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090453, comment: AcceptSecurityContext error, data 52e, v3839]; nested exception is javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090453, comment: AcceptSecurityContext error, data 52e, v3839]

LDAP setup test result: FAIL
User could not be authenticated to directory service. Please verify entered user credentials and username format so it corresponds to User Filter Attribute.

In the User Filter Attribute field, I've tried sAMAccountName and userPrincipalName, but the result is always the same.

Can you help me?

Thanks.
Luis Neves

Comments

  • check entered DNs, try to get properties with something like (replace values to match your AD):
    ldapsearch -LLL -H ldap://10.126.26.47 -D 'DOMAIN\USERNAME' -W -x -b 'dc=mch,dc=moc,dc=sgps' '(&(objectClass=user)(sAMAccountName=USERNAME))'



  • lneves
    edited November 2021
    Thanks TomasJetelina.
    I've managed to configure AD.
    But I can't log in with an AD user, I went to Settings ➡ Groups and under LDAP groups, I selected the admins and in the LDAP groups I selected the group I wanted, and save.
    But when logging in it always gives user or password error.


  • Have you tried the same username as when you tested LDAP settings before save?
  • I tryed a user name that is in the group selected MCH-SYS-ADmins
  • there is pending fix for '+' character in login form, if this is not your issue send us Xormon logs:

    Note a short problem description in the text field of the upload form.
    
    # replace lpar2rrd user with user home under which XorMon runs
    
    cd /home/lpar2rrd/xormon-data
    
    tar cvf logs.tar logs
    
    gzip -9 logs.tar
    
    Send us logs.tar.gz via https://upload.lpar2rrd.com

Sign In or Register to comment.