1 Reply Latest reply on Nov 21, 2016 12:20 PM by abanaru

    OpenLdap Authentication bind user

    yota79

      Hi,

       

      I'd like to know the correct configuration for using OpenLDAP authentication. I have the McAfee SIEM 4600.

       

      In Configuration -> Login Security -> LDAP I inserted these values:

       

      Enabled

      IP Address -> IP address of the LDAP server

      Port -> 389 (standard LDAP port)

      Base Domain Name -> dc=local,dc=com

      Group Attribute -> cn=admins,ou=Group,dc=local,dc=com (here I inserted the group that the user belongs to, group admins)

      Group Filter -> (&(objectClass=posixGroup)(memberUid=<<username>>)) (This is the default value, to check whether the user belongs to group admins)

      User Filter -> (&(ou=People,dc=local,dc=com)(uid=<<username>>)) (Where to find the user, under People).

       

      But in /var/log/messages I found this:

       

      Nov 17 16:12:21 McAfee pdns_recursor[1721]: Failed to update . records, RCODE=2

      Nov 17 16:13:02 McAfee cac.pl: Info: Called with getmode

      Nov 17 16:13:02 McAfee ldapinit: LDAPINIT: logged in okay!  connection successful

      Nov 17 16:13:02 McAfee ldapinit: success=NotOk LDAP Bind:  Code(34) invalid DN

      Nov 17 16:13:02 McAfee ldapinit: success=NotOk LDAP Bind:  Code(49) Invalid credentials

      Nov 17 16:13:02 McAfee last message repeated 3 times

      Nov 17 16:13:02 McAfee cpserviced[2340]: NotOk LDAP Bind: Code(49) Invalid credentials

      Nov 17 16:13:02 McAfee libESSDB.so[2340]: User_Login - Invalid login - user1

       

      Where can I set the bind user to check whether my username and password are correct?
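
A triage sketch for the log excerpt in the post above, added here as an example (it is not part of the original post and is not McAfee code): it counts LDAP bind result codes from the quoted lines, folding in syslog's "last message repeated" entry. The result-code names come from RFC 4511; the function and variable names are hypothetical.

```python
import re
from collections import Counter

# Log lines copied from the post above.
LOG = """\
Nov 17 16:12:21 McAfee pdns_recursor[1721]: Failed to update . records, RCODE=2
Nov 17 16:13:02 McAfee cac.pl: Info: Called with getmode
Nov 17 16:13:02 McAfee ldapinit: LDAPINIT: logged in okay!  connection successful
Nov 17 16:13:02 McAfee ldapinit: success=NotOk LDAP Bind:  Code(34) invalid DN
Nov 17 16:13:02 McAfee ldapinit: success=NotOk LDAP Bind:  Code(49) Invalid credentials
Nov 17 16:13:02 McAfee last message repeated 3 times
Nov 17 16:13:02 McAfee cpserviced[2340]: NotOk LDAP Bind: Code(49) Invalid credentials
Nov 17 16:13:02 McAfee libESSDB.so[2340]: User_Login - Invalid login - user1
"""

# RFC 4511 result-code names for the codes that appear in the excerpt.
RESULT_NAMES = {34: "invalidDNSyntax", 49: "invalidCredentials"}

BIND = re.compile(r"LDAP Bind:\s+Code\((\d+)\)")
REPEAT = re.compile(r"last message repeated (\d+) times")
LOGIN = re.compile(r"User_Login - Invalid login - (\S+)")

def triage(text):
    """Return (Counter of bind result codes, list of users with failed logins)."""
    codes, users, last = Counter(), [], None
    for line in text.splitlines():
        if (rep := REPEAT.search(line)):
            if last is not None:          # the repeated message was a bind failure
                codes[last] += int(rep.group(1))
            continue
        bind = BIND.search(line)
        last = int(bind.group(1)) if bind else None
        if bind:
            codes[last] += 1
        elif (login := LOGIN.search(line)):
            users.append(login.group(1))
    return codes, users

def report(text):
    """Human-readable summary, one row per result code and per failed user."""
    codes, users = triage(text)
    rows = [f"{RESULT_NAMES.get(c, 'unknown')}({c}) x{n}" for c, n in sorted(codes.items())]
    return rows + [f"failed login: {u}" for u in users]

if __name__ == "__main__":
    print("\n".join(report(LOG)))
```

Code 34 is the server rejecting a DN as malformed and code 49 is a rejected bind, so the two are counted separately.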