Valid configuration for Active-Directory? - Klaros Test Management - Forum - Klaros-Testmanagement
Valid configuration for Active-Directory?
Paul H, geändert vor 10 Jahren.
Valid configuration for Active-Directory?
Youngling Beiträge: 3 Beitrittsdatum: 05.08.14 Neueste Beiträge
Hi,
the user-manual (@ page 2) states:
.
My environment is Klaros 4.2.3-Enterprise-Trial. I can't configure the AD-Login, the message is
Can you give me an example for a valid AD-Config? Especially the value for "User Password Attribute" should be clarified for AD!
The other values I received from the admins:
Thank You!
Paul H.
the user-manual (@ page 2) states:
Klaros-Testmanagement Enterprise Edition can authencate users against an external LDAP/Active Directory system which contains the passwords of the users
My environment is Klaros 4.2.3-Enterprise-Trial. I can't configure the AD-Login, the message is
The authentication with the LDAP server has failed
Can you give me an example for a valid AD-Config? Especially the value for "User Password Attribute" should be clarified for AD!
The other values I received from the admins:
- Server Address mydomain.local
- Server Port: 389
- Bind DN: CN=Paul H,CN=Users,DC=mydomain,DC=local
- Bind Credentials: MyPassword
- User Search Attribute: samAccountName
- User Name Attribute: cn
- User Context DN: cn=Users,dc=mydomain,dc=local
- User Object Classes: person,uidObject
- User DN Prefix: samAccountName=
- User DN Suffix: cn=Users,dc=mydomain,dc=local
- Full Name Attribute: cn
- Email Attribute: mail
Thank You!
Paul H.
Fabian Klaffke, geändert vor 10 Jahren.
RE: Valid configuration for Active-Directory?
Padawan Beiträge: 92 Beitrittsdatum: 31.08.12 Neueste Beiträge
Hi Paul,
The warning message "The authentication with the LDAP server has failed" can have a variety of causes. Could you please send the log files of Klaros-Testmanagement to support@verit.de? These files should contain a more descriptive error message that will help us configuring your LDAP/AD integration.
The section Important file locations in the documentation describes the location of the folders containing the log files.
Regards,
Fabian
The warning message "The authentication with the LDAP server has failed" can have a variety of causes. Could you please send the log files of Klaros-Testmanagement to support@verit.de? These files should contain a more descriptive error message that will help us configuring your LDAP/AD integration.
The section Important file locations in the documentation describes the location of the folders containing the log files.
Regards,
Fabian
Torsten Stolpmann, geändert vor 10 Jahren.
RE: Valid configuration for Active-Directory?
Jedi Council Member Beiträge: 759 Beitrittsdatum: 12.02.09 Neueste Beiträge
Hi Paul,
your User DN Suffix is missing a leading comma as in: ,cn=Users,dc=mydomain,dc=local
The idea behind this is that the concatenation of <User DN Prefix><Result of User Name Attribute lookup using User Search Attribute><User DN Suffix> is giving you a valid DN to authenticate.
So from here I would say the following should work for you (leaving out unchanged fields):
User Search Attribute: samAccountName
User Name Attribute: cn
User DN Prefix: cn=
User DN Suffix: ,cn=Users,dc=mydomain,dc=local
User Password Attribute: unicodePwd
User Password Attribute is the attribute containing the password(hash) in your AD.
AD (rightfully to hinder attacks) has the nasty habit to not deliver meaningful error messages for unsuccessful authentications so troubleshooting is really cumbersome.
Hope this helps, please let me know if this works for you or you need additional help.
Torsten
your User DN Suffix is missing a leading comma as in: ,cn=Users,dc=mydomain,dc=local
The idea behind this is that the concatenation of <User DN Prefix><Result of User Name Attribute lookup using User Search Attribute><User DN Suffix> is giving you a valid DN to authenticate.
So from here I would say the following should work for you (leaving out unchanged fields):
User Search Attribute: samAccountName
User Name Attribute: cn
User DN Prefix: cn=
User DN Suffix: ,cn=Users,dc=mydomain,dc=local
User Password Attribute: unicodePwd
User Password Attribute is the attribute containing the password(hash) in your AD.
AD (rightfully to hinder attacks) has the nasty habit to not deliver meaningful error messages for unsuccessful authentications so troubleshooting is really cumbersome.
Hope this helps, please let me know if this works for you or you need additional help.
Torsten
Paul H, geändert vor 10 Jahren.
RE: Valid configuration for Active-Directory?
Youngling Beiträge: 3 Beitrittsdatum: 05.08.14 Neueste Beiträge
Hi Torsten, Hi Fabian,
thank you about the missing-comma hint! Also I've changed the other attributes to your suggestions. But, no luck; the same ldap-error-message consists
Now I will ask the admins about the logs (like Fabian recommends). Hopefully they contain some AD messages.
Until then,
Paul
thank you about the missing-comma hint! Also I've changed the other attributes to your suggestions. But, no luck; the same ldap-error-message consists
Now I will ask the admins about the logs (like Fabian recommends). Hopefully they contain some AD messages.
Until then,
Paul
Torsten Stolpmann, geändert vor 10 Jahren.
RE: Valid configuration for Active-Directory?
Jedi Council Member Beiträge: 759 Beitrittsdatum: 12.02.09 Neueste Beiträge
Hi Paul,
did you make any progress with your AD connection?
Regards,
Torsten
did you make any progress with your AD connection?
Regards,
Torsten