DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

2950 - LDAP Auth

30 May 2009 11:20 #1 by louis-m
2950 - LDAP Auth was created by louis-m
fw. 3.2.4 now has LDAP authentication for users.

question is......
how does it work for a win2k3+ domain? you need to have an authenticated user to query AD.
and guess what? there are no fields in the 2950 to specify the account to be used. a wireshark tap shows the router failing with invalid credentials.

2820 = 3.3.2_RC5
2950 = 3.2.4

30 May 2009 12:58 #2 by louis-m
Replied by louis-m on topic 2950 - LDAP Auth
ooooh look..... my 1000th post wahey!

right.... looking at the above. i've enabled anonymous ldap requests via adsi edit for my win2k3 server.
i've now got a bind=success but still no joy. the router ain't letting me in even though windows is telling it to.
giving up for the day now.

2820 = 3.3.2_RC5
2950 = 3.2.4

30 May 2009 13:39 #3 by rmccardal
Replied by rmccardal on topic 2950 - LDAP Auth
best way! get out in the sun!!!

I shall take a look at this on Monday too.

31 May 2009 11:16 #4 by louis-m
Replied by louis-m on topic 2950 - LDAP Auth
just to let you know what i did.....

adsi to allow anonymous requests otherwise it won't work.
dsquery user to confirm correct user & ou.

in router:

Common Name Identifier = CN
Distinguished Name = OU=myou,DC=mydomain,DC=local

set user in router as case sensitive username from correct ou and set auth as LDAP in profile.

wireshark sees:
correct user/pass as bind = successful
wrong user/pass = invalid credentials

so the router is passing ldap and getting responses

2820 = 3.3.2_RC5
2950 = 3.2.4

30 Apr 2010 11:00 #5 by vp6er
Replied by vp6er on topic LDAP / AD Authentication
Hi Folks,

Did anyone ever get to the bottom of the issue regarding authenticating against an AD domain?

I have a 2955 which I'm trying to set up LDAP authentication on and I'm receiving the following error on the AD side:

LDAPMessage bindResponse(1) invalidCredentials (80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece)

Apparently the '525' error relates to user not found. I've tried all sorts of additional OU info in the base DN on the 2955 with no success.

Running out of ideas now (I did try the ldapedit hack mentioned on this thread) - can anyone offer further suggestions?

All advice greatly appreciated.

VP6er
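
An added example, not part of any post in this thread: a small Python parser for the AD bind diagnostic string quoted above, plus a check of the DN the router would present against `dsquery user` output. It assumes the router binds as `<Common Name Identifier>=<username>,<Distinguished Name>`, which the thread does not confirm; the function names and the sample `dsquery` line are constructed for illustration.

```python
import re

# AD puts a hex Win32 logon error in the "data" field of a failed bind.
# 525 is the code quoted in the thread; the rest are the standard meanings.
AD_BIND_SUBCODES = {
    "525": "user not found",
    "52e": "invalid credentials",
    "530": "not permitted to log on at this time",
    "531": "not permitted to log on at this workstation",
    "532": "password expired",
    "533": "account disabled",
    "701": "account expired",
    "773": "user must reset password",
    "775": "account locked out",
}

DIAG_RE = re.compile(
    r"(?P<code>[0-9A-Fa-f]{8}):\s*LdapErr:\s*(?P<dsid>DSID-[0-9A-Fa-f]+),"
    r"\s*comment:\s*(?P<comment>[^,]*),\s*data\s+(?P<data>[0-9A-Fa-f]+)"
)

def parse_bind_error(line):
    """Split an AD bindResponse diagnostic string into its fields."""
    m = DIAG_RE.search(line)
    if m is None:
        return None
    data = m["data"].lower()
    return {"code": m["code"], "dsid": m["dsid"], "comment": m["comment"].strip(),
            "data": data, "win32_error": int(data, 16),  # decimal Win32 error
            "meaning": AD_BIND_SUBCODES.get(data, "unknown sub-code")}

def candidate_bind_dn(cn_identifier, username, base_dn):
    """ASSUMPTION: the router binds as <identifier>=<username>,<base DN>."""
    # RFC 4514 escaping for characters that are special inside an RDN value.
    escaped = "".join("\\" + c if c in ',+"\\<>;' else c for c in username)
    return f"{cn_identifier}={escaped},{base_dn}"

def dn_in_dsquery(candidate, dsquery_output):
    """True if the candidate DN appears among `dsquery user` output lines."""
    dns = {l.strip().strip('"').lower() for l in dsquery_output.splitlines()}
    return candidate.lower() in dns

# Constructed sample input: error line as quoted in post #5, DN invented.
SAMPLE_ERROR = ("LDAPMessage bindResponse(1) invalidCredentials (80090308: LdapErr: "
                "DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece)")
SAMPLE_DSQUERY = '"CN=Jane Doe,OU=myou,DC=mydomain,DC=local"\n'

if __name__ == "__main__":
    print(parse_bind_error(SAMPLE_ERROR))
```

With the constructed data, a router user entered as the logon name `jdoe` yields a DN that is absent from the `dsquery` output, while `Jane Doe` (the object's CN) yields one that is present.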

14 Jul 2010 14:39 #6 by chrisbell
Replied by chrisbell on topic 2950 - LDAP Auth
Did anyone ever get to the bottom of this?

Might have to log it with support.

I can't get anything out of it on 2003 server.

Chris
