Wintrode_61162 (Nimbostratus)
Apr 14, 2011
Windows AD/LDAP Problems
When I bind and query from the F5 using ldapsearch...it works, but when I configure the F5 to use it for auth I get an error:
Apr 14 12:57:59 local/f5devicename alert httpd[19973]: pam_unix(httpd:account): could not identify user (from getpwnam(186137))
Apr 14 12:57:59 local/f5devicename err httpd[19973]: [error] [client 10.10.242.44] AUTHCACHE PAM: user '186137' - invalid account: Authentication failure, referer: https://f5devicename/tmui/login.jsp?msgcode=1&
I see a different series of log entries when I enter a known bad ID, so this leads me to believe I am authenticating, but the F5 either does not like my all s ID, or something else is going on. Any thoughts?
- hoolio (Cirrostratus): Can you post your sanitized admin auth config from /config/bigip_sys.conf? You could try comparing a tcpdump of your manual ldapsearch with the request LTM sends during its auth attempt.
- Wintrode_61162 (Nimbostratus): Ok, so with the TCP dump I see the initial binding with my hard-coded credentials that conducts the lookup on the samaccountname. I then see a successful bind of the samaccountname entered at the login prompt. Then another bind of the hard-coded credentials.
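
Added example, not part of the thread or of F5's tooling: a small triage script that reads the two log lines quoted in the original post and reports which PAM phase rejected the login, which is the distinction the tcpdump result points at (the user's bind succeeds, yet `pam_unix` fails in its `account` phase on `getpwnam`). The function names and the verdict strings are hypothetical labels chosen for this example.

```python
import re

# Log lines copied from the original post (hostname already sanitized by the poster).
SAMPLE_LOG = """\
Apr 14 12:57:59 local/f5devicename alert httpd[19973]: pam_unix(httpd:account): could not identify user (from getpwnam(186137))
Apr 14 12:57:59 local/f5devicename err httpd[19973]: [error] [client 10.10.242.44] AUTHCACHE PAM: user '186137' - invalid account: Authentication failure, referer: https://f5devicename/tmui/login.jsp?msgcode=1&
"""

# PAM modules log as pam_<module>(<service>:<phase>): <message>
PAM_RE = re.compile(r"(pam_\w+)\((\w+):(\w+)\): (.*)")
GETPWNAM_RE = re.compile(r"getpwnam\(([^)]+)\)")
AUTHCACHE_RE = re.compile(r"\[client ([\d.]+)\] AUTHCACHE PAM: user '([^']*)' - ([^:]+):")


def triage(log_text):
    """Group findings per user: which PAM phase failed and from which client."""
    findings = {}
    for line in log_text.splitlines():
        pam = PAM_RE.search(line)
        if pam:
            module, service, phase, message = pam.groups()
            user = GETPWNAM_RE.search(message)
            if user:
                entry = findings.setdefault(user.group(1), {})
                entry.update(module=module, service=service, phase=phase)
        cache = AUTHCACHE_RE.search(line)
        if cache:
            client, user, reason = cache.groups()
            entry = findings.setdefault(user, {})
            entry.update(client=client, reason=reason)
    return findings


def verdict(entry):
    """Hypothetical classification labels, not F5 terminology."""
    if entry.get("phase") == "account":
        return "account phase failed: user not resolvable via getpwnam"
    if entry.get("phase") == "auth":
        return "auth phase failed: credential check rejected"
    return "unclassified"


if __name__ == "__main__":
    for user, entry in triage(SAMPLE_LOG).items():
        print(user, entry.get("client"), verdict(entry))
```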