
mnb_63148
May 19, 2015

APM username and password variables not getting passed to LDAP server

I am trying to set up APM authentication over LDAP on version 11.5.1. For the policy, I have a Logon Page object and an LDAP Auth object. When I run a tcpdump, I see the Admin DN user ID get passed to the LDAP server, but I never see the username I enter on the Logon APM page in the capture. Does anyone know why the username I enter on the Logon form does not get passed to the LDAP server?

 

Thanks.

 

4 Replies

  • What's your LDAP Auth object setup look like in the VPE? Which fields do you have populated? Do you have extended errors enabled in the VPE object to see if that gives you any better error message?

  • Thanks, Michael, for responding. On the logon page, I am using the username and password fields. I changed my SearchFilter to the following: (&(uid=%{session.logon.last.username}) (password=%{session.logon.last.password})). I am now able to see the credentials being passed to the LDAP server in the packet capture. I am still unable to log in, but at least I am seeing the credentials in the capture. I am waiting to hear back from the LDAP server owner to determine what he is seeing on the server side. I will keep you posted.

     

    • cc_01_138474

      I have exactly the same issue here using. LDAP guy can see logs that the bind account connects, but the user accounts entered via logon page don't seem to even try. Did you recall the issue you had with yours in the end?

       

  • On the LDAP Query object, try leaving the Search Filter, Search DN, and User DN blank and see if that works. If not, or if you need to have a search filter, leave the other 2 blank and try this: (sAmAccountName=%{session.logon.last.username})
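
The generic LDAP search-then-bind sequence behind the Admin DN and search filter settings discussed in this thread, as an added example that is not from the thread or from F5: the username travels in the search filter (escaped per RFC 4515) and the password only in the second bind. `FakeDirectory`, the sample entries and the function names are hypothetical, and the in-memory server stands in for a real directory; this models the pattern, not APM's internals.

```python
import re

# RFC 4515 escapes for characters that are special inside a filter value.
_ESC = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

def escape_filter_value(value):
    return "".join(_ESC.get(ch, ch) for ch in value)

def expand_filter(template, session):
    """Fill %{name} placeholders with escaped session values."""
    return re.sub(r"%\{([^}]+)\}",
                  lambda m: escape_filter_value(session[m.group(1)]), template)

# Constructed sample directory: DN -> (sAMAccountName, password).
DIRECTORY = {
    "cn=svc-apm,ou=svc,dc=example,dc=com": ("svc-apm", "bind-secret"),
    "cn=Alice Doe,ou=people,dc=example,dc=com": ("alice", "correct horse"),
}

class FakeDirectory:
    """Stand-in LDAP server that records each operation it receives."""
    def __init__(self):
        self.ops = []

    def bind(self, dn, password):
        self.ops.append(("bind", dn))
        # Empty passwords are refused: a simple bind without one is anonymous.
        return bool(password) and DIRECTORY.get(dn, (None, None))[1] == password

    def search(self, flt):
        self.ops.append(("search", flt))
        raw = re.fullmatch(r"\(sAMAccountName=(.*)\)", flt).group(1)
        unesc = lambda s: re.sub(r"\\([0-9a-fA-F]{2})",
                                 lambda m: chr(int(m.group(1), 16)), s)
        # An unescaped * is a wildcard; escaped bytes match literally.
        pattern = ".*".join(re.escape(unesc(p)) for p in raw.split("*"))
        return [dn for dn, (sam, _) in DIRECTORY.items()
                if re.fullmatch(pattern, sam, re.I)]

def authenticate(server, admin_dn, admin_pw, username, password):
    """Bind as the admin DN, find the user's DN, then bind as the user."""
    if not server.bind(admin_dn, admin_pw):
        return False
    flt = expand_filter("(sAMAccountName=%{session.logon.last.username})",
                        {"session.logon.last.username": username})
    matches = server.search(flt)
    if len(matches) != 1:  # no match or ambiguous: stop before a user bind
        return False
    return server.bind(matches[0], password)
```

The `ops` list on the server object is the equivalent of the packet capture: a successful login shows an admin bind, one search, and a user bind.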