Forum Discussion
hooleylist
Dec 09, 2009Cirrostratus
I tried testing this today, but couldn't get the first auth profile working! Here is a copy of the test config:
auth ldap ad_ldap_auth_config {
debug enable
search base dn "CN=Users,DC=example,DC=net"
bind dn "CN=Administrator,CN=Users,DC=example,DC=net"
bind pw "my_account"
login attr "sAMAccountName"
check host attr enable
group dn "CN=bigip_users_1,CN=Users,DC=example,DC=net"
servers "1.1.1.1"
}
Looking at a tcpdump from the AD server, the initial bind works, but then LTM seems to try to rebind as the user and looks for an attributeDesc of uniquemember which doesn't exist and causes an LDAP error.
If you get a chance, could you post an anonymized copy of your auth profiles from the bigip.conf file?
Thanks,
Aaron