DrayTek UK Users' Community Forum
Help, Advice and Solutions from DrayTek Users
2950 - LDAP Auth
- louis-m
- Topic Author
- Offline
- Member
Less
More
- Posts: 131
- Thank you received: 0
30 May 2009 11:20 #56116
by louis-m
2820 = 3.3.2_RC5
2950 = 3.2.4
2950 - LDAP Auth was created by louis-m
fw. 3.2.4 now has LDAP authentication for users.
question is......
how does it work for a win2k3+ domain? you need to have a authenticated user to query AD.
and guess what? there's no fields in the 2950 to specify the account to be used. a wireshark tap shows the router failing with invalid credentials.
question is......
how does it work for a win2k3+ domain? you need to have a authenticated user to query AD.
and guess what? there's no fields in the 2950 to specify the account to be used. a wireshark tap shows the router failing with invalid credentials.
2820 = 3.3.2_RC5
2950 = 3.2.4
Please Log in or Create an account to join the conversation.
- louis-m
- Topic Author
- Offline
- Member
Less
More
- Posts: 131
- Thank you received: 0
30 May 2009 12:58 #56119
by louis-m
2820 = 3.3.2_RC5
2950 = 3.2.4
Replied by louis-m on topic 2950 - LDAP Auth
ooooh look..... my 1000th post wahey!
right.... looking at the above. i've enable anomynous ldap requests via adsi edit for my win2k3 server.
i've now got a bind=sucess but still no joy. the router ain't letting me in even though windows is telling it to.
giving up for the day now.
right.... looking at the above. i've enable anomynous ldap requests via adsi edit for my win2k3 server.
i've now got a bind=sucess but still no joy. the router ain't letting me in even though windows is telling it to.
giving up for the day now.
2820 = 3.3.2_RC5
2950 = 3.2.4
Please Log in or Create an account to join the conversation.
- rmccardal
- Offline
- Junior Member
Less
More
- Posts: 14
- Thank you received: 0
30 May 2009 13:39 #56120
by rmccardal
Replied by rmccardal on topic 2950 - LDAP Auth
best way! get out in the sun!!!
I shall take a look at this on Monday too.
I shall take a look at this on Monday too.
Please Log in or Create an account to join the conversation.
- louis-m
- Topic Author
- Offline
- Member
Less
More
- Posts: 131
- Thank you received: 0
31 May 2009 11:16 #56126
by louis-m
2820 = 3.3.2_RC5
2950 = 3.2.4
Replied by louis-m on topic 2950 - LDAP Auth
just to let you know what i did.....
adsi to allow anonymous requests otherwise it won't work.
dsquery user to confirm correct user & ou.
in router:
Common Name Identifier = CN
Distinguished Name = OU=myou,DC=mydomain,DC=local
set user in router as case sensitive username from correct ou and set auth as LDAP in profile.
wireshark sees:
correct user/pass as bind = sucessful
wrong user/pass = invalid credentials
so the router is passing ldap and getting responses
adsi to allow anonymous requests otherwise it won't work.
dsquery user to confirm correct user & ou.
in router:
Common Name Identifier = CN
Distinguished Name = OU=myou,DC=mydomain,DC=local
set user in router as case sensitive username from correct ou and set auth as LDAP in profile.
wireshark sees:
correct user/pass as bind = sucessful
wrong user/pass = invalid credentials
so the router is passing ldap and getting responses
2820 = 3.3.2_RC5
2950 = 3.2.4
Please Log in or Create an account to join the conversation.
- vp6er
- Offline
- New Member
Less
More
- Posts: 4
- Thank you received: 0
30 Apr 2010 11:00 #61840
by vp6er
Replied by vp6er on topic LDAP / AD Authetication
Hi Folks,
Did anyone ever get to the bottom of the issue regarding authenticating against an AD domain?
I have a 2955 which I'm trying to setup LDAP authentication and I'm receiving the following error on the AD side:
LDAPMessage bindResponse(1) invalidCredentials (80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece)
Apparently the '525' error relates to user not found. I've tried all sort of additional OU info in the base Dn on the 2955 with no success.
Running out of ideas now (I did try the ldapedit hack mentioned on this thread) - can anyone offer further suggestions?
All advice greatly appreciated.
VP6er
Did anyone ever get to the bottom of the issue regarding authenticating against an AD domain?
I have a 2955 which I'm trying to setup LDAP authentication and I'm receiving the following error on the AD side:
LDAPMessage bindResponse(1) invalidCredentials (80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece)
Apparently the '525' error relates to user not found. I've tried all sort of additional OU info in the base Dn on the 2955 with no success.
Running out of ideas now (I did try the ldapedit hack mentioned on this thread) - can anyone offer further suggestions?
All advice greatly appreciated.
VP6er
Please Log in or Create an account to join the conversation.
- chrisbell
- Offline
- New Member
Less
More
- Posts: 5
- Thank you received: 0
14 Jul 2010 14:39 #62860
by chrisbell
Replied by chrisbell on topic 2950 - LDAP Auth
Did anyone ever get to the bottom of this ?
Might have to log it with support.
I can't get anything out of it on 2003 server.
Chris
Might have to log it with support.
I can't get anything out of it on 2003 server.
Chris
Please Log in or Create an account to join the conversation.
Moderators: Chris, Sami
Copyright © 2024 DrayTek