Hi,

 

I’m running observium from the latest TurnKeyLinux distribution and I’m having some trouble getting the AD to work correctly.

I have copied the configuration from this page: http://www.observium.org/wiki/Authentication_modules#Active_Directory

And made modifications to match our environment (Changing the DN’s, suffix, prefix, groups and changed the STARTTLS to FALSE). Our AD is based on Windows 2008R2

To get it working I installed the php5-ldap on the TurnKey distribution using the apt-get install command (and did nothing else than reboot).

The normal mysql will let me login as intended (speedy and no delay) – but when switching to LDAP I initially couldn’t login “Authentication Failed” until I removed the following line from the configuration file:

$config['auth_ldap_group']  = array("CN=Observium Users,OU=Groups,DC=ad,DC=example,DC=com");

(I had of course modified it to math our configuration)

 

When removing the line I am able to login – but the login (and the following page loads) takes around 63 seconds.

 

My questions is:

·         Why is the page load taking 60+ seconds when using LDAP OR how do I troubleshoot it (seems like a timeout situation)

·         Why do I need to remove the “auth_ldap_group” line to get it to work? (not really important but nice to know)

 

Hope there is someone out that can help or point me in the right direction…

 

Best regards

Theis Andersen Samsig
Senior Solution Architect