Hi Adriaan,
well, I can login with my AD username. So the ldap bind_user and bind_pw are correct. Iptables/Selinux are disabled on Observium server. What version of observium are you using?
Regards,
Christian
Am 11-11-2013 10:50, schrieb Adriaan Smuts:
Hi Christian,
I checked your config and it looks exactly (just different order) the same as mine:
// Authentication Model $config['auth_mechanism'] = "ldap"; // default, other options: ldap, http-auth, please see documentation for config help
// LDAP Authentication $config['auth_ldap_binddn'] = "cn=ldap_username,ou=Applications,ou=Users,ou=Cape Town,ou=EXAMPLE,dc=corp,dc=EXAMPLE,dc=com"; $config['auth_ldap_bindpw'] = "**********";
$config['auth_ldap_attr']['uid'] = "sAMAccountName"; $config['auth_ldap_attr']['uidNumber'] = "objectSid"; $config['auth_ldap_attr']['cn'] = "name"; $config['auth_ldap_objectclass'] = "person";
$config['auth_ldap_version'] = 3; $config['auth_ldap_server'] = "dc.EXAMPLE.com"; $config['auth_ldap_port'] = 389; $config['auth_ldap_starttls'] = false;
$config['auth_ldap_prefix'] = "CN="; $config['auth_ldap_suffix'] = ",OU=Departments,OU=Users,OU=Cape Town,OU=EXAMPLE,DC=corp,DC=EXAMPLE,DC=com"; $config['auth_ldap_group'] = "ou=role,ou=security,ou=global,ou=EXAMPLE, dc=corp,dc=EXAMPLE, dc=com"; $config['auth_ldap_groupbase'] = "ou=role,ou=security,ou=global,ou=EXAMPLE, dc=corp,dc=EXAMPLE, dc=com";
$config['auth_ldap_groupmembertype'] = "fulldn"; $config['auth_ldap_groupmemberattr'] = "member";
$config['auth_ldap_groups']['Observium-Admins']['level'] = 10; $config['auth_ldap_groups']['Observium-Users']['level'] = 7; $config['auth_ldap_groups']['Observium-Limited']['level'] = 0;
This is going to sound stupid, but did you open the firewall on your Observium and domain controller to allow ldap/389? I would suggest checking that basics, on the DC confirm that Observium is connecting to ldap. I struggled with this for almost 2days before I got mine working.
Regards
Adriaan Smuts Junior Systems Administrator
Direct Line +27 21 464 9565 Reception 0861 555 222 Website www.webafrica.co.za