Hi everyone, I know this subject is touched on in the past but any help from anyone who has this working would be appreciated.
I've been following the FAQ for LDAP login via Active Directory but I always come across the same error. Fatal error: LDAP TLS required but not successfully negotiated [Connect error]
In /debug, I see that it connects but then inserts a line saying that Auth failed. https://doc.rotten.soy/buqar.vhdl
In my Windows Server 2012 R2 box, I see this line come up in the Event Viewer: "A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10."
This is one of the more recent configs I've tried. https://doc.rotten.soy/wosej.php
My filtered dsquery information is... https://doc.rotten.soy/inure.tex
Things I've tried modifying: auth_ldap_binddn, I've tried changing this but this doesn't seem to be my problem since it appears to connect. (Should I have some kind of special rights for this user)? auth_ldap_suffix, This one I'm not sure exactly what the string is looking for. The actual CN of a user won't include the CN=Builtin. I've tried without. auth_ldap_group, tried with and without Domain Users CN. auth_ldap_groups, tried the full LDAP path and also just the "Domain Admins"/"Domain Users"
What am I missing? :(
Any help is greatly appreciated in what I am doing wrong. Is it a problem with my Server 2012 install and something I need to change? Is it a problem in one of the packages installed for Observium?
Cody
I hate sending e-mails and then getting it almost right after. I turned starttls to false which then showed me more in debug, then I worked my way through getting groups to auth and now I'm in. final AD config https://doc.rotten.soy/tovem.php
Is it recommended to delete the local user accounts and just use the LDAP users?
On Mon, Nov 9, 2015 at 9:00 AM, Cody Cook observium@codycook.us wrote:
Hi everyone, I know this subject is touched on in the past but any help from anyone who has this working would be appreciated.
I've been following the FAQ for LDAP login via Active Directory but I always come across the same error. Fatal error: LDAP TLS required but not successfully negotiated [Connect error]
In /debug, I see that it connects but then inserts a line saying that Auth failed. https://doc.rotten.soy/buqar.vhdl
In my Windows Server 2012 R2 box, I see this line come up in the Event Viewer: "A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10."
This is one of the more recent configs I've tried. https://doc.rotten.soy/wosej.php
My filtered dsquery information is... https://doc.rotten.soy/inure.tex
Things I've tried modifying: auth_ldap_binddn, I've tried changing this but this doesn't seem to be my problem since it appears to connect. (Should I have some kind of special rights for this user)? auth_ldap_suffix, This one I'm not sure exactly what the string is looking for. The actual CN of a user won't include the CN=Builtin. I've tried without. auth_ldap_group, tried with and without Domain Users CN. auth_ldap_groups, tried the full LDAP path and also just the "Domain Admins"/"Domain Users"
What am I missing? :(
Any help is greatly appreciated in what I am doing wrong. Is it a problem with my Server 2012 install and something I need to change? Is it a problem in one of the packages installed for Observium?
Cody
participants (1)
-
Cody Cook