LDAP Integration

  1. 3 months ago
    Edited 3 months ago by eurotrash

    Hi,

    I am working on LDAP integration for our CloneDeploy Windows 1.3.0. But it doesnt seem go my way.

    In the log i see several failed attempts to logon. So the LDAP isnt working.

    I have enabled LDAP authentication -> security along with following settings:

    LDAP Server: company.local (the server hosting CD is able connect to domain controller via port 389 and query for AD info)
    LDAP Port: 389 (Standard LDAP port)
    LDAP Authentication Attribute: UID (I am a bit uncertain about this one?)
    LDAP Base DN: DC=company,DC=local
    LDAP Authentication Type: Basic

    I have also made a group with administrator privileges and ticked off Use LDAP Group. In the LDAP Group Name is have given the name of our AD group.

    Can you help? The log doesnt tell a lot about what/why is failing.

    Questions?

    Can you explain what the Use LDAP Authentication setting is used for in general menu for a user? (in another post it says users will be created if a succesful logon is done via LDAP logon)

    What account is CD using when doing these LDAP lookups? This usually done with a AD account. (Have this something to do with the setting i have asked about above?)
    LDAPbindDN og LDAPbindDNPassword

    And when logging in... Do you use the domain prefix or just the AD accountname?

  2. clonedeploy

    Feb 3 Administrator

    For the authentication attribute you probably want samaccountname.

    Can you explain what the Use LDAP Authentication setting is used for in general menu for a user? (in another post it says users will be created if a succesful logon is done via LDAP logon)

    When adding individual users, you need to check this box if it's an ldap account, if using ldap groups you don't need to add users, they will automatically be added when they try to login

    What account is CD using when doing these LDAP lookups? This usually done with a AD account. (Have this something to do with the setting i have asked about above?)

    It uses the account for the user trying to login

    And when logging in... Do you use the domain prefix or just the AD accountname?

    Just account name

  3. Thank you.

    What worked for me though was setting the LDAP Authentication Type: to Secured. When this was set everything worked at once. So I recommend setting this if you are running a std. MS active directory setup.

 

or Sign Up to reply!