DX Unified Infrastructure Management

 View Only
  • 1.  LDAP_RESPONSE CONFIGURATION

    Posted Feb 11, 2019 07:06 PM

    Hi,

     

    I'm configuring ldap_reponse probe, according to docops it needs a domain user to connect to ldap, so we take the same user that we use in APM to connect to the domain and authenticate users. 

     

    When I Test the connection from IM console the following message appear as result of the test: 

     

    error in failed to logon user usrwildap

     

    Does this indicate that we need a user with higher privileges? or maybe there are additional configurations? 

     

    We put correctly this paramters: 

    Hostname: here I tested the hostname and ip of the ldap server. 

    Connection paramters: "Normal LDAP Connection"

    Base DN: I used the same as the realms configured in APM

    Scope: subtree

    Authentication: GSSAPI

    User: usrwildap

    password: we ensure that the password is correct

    Domian: TIM\, here if I put the name of the domain without the \ symbol, the probe didnt connect. 

     

    So I need your help to identify any mistakes with this probe. 

     

    Regards. 



  • 2.  Re: LDAP_RESPONSE CONFIGURATION

    Broadcom Employee
    Posted Feb 11, 2019 08:40 PM

    Hi ,

    Have you tried with Simple Bind 

     

    Authentication settings: select from one the following authentication types:
    SIMPLE Bind: specify distinguished username and password on the LDAP host. Example, CN=LARS, OU=USERS, DC=COMP, DC=ORG

    GSSAPI (Kerberos): depending on the operating system, the GSSAPI authentication differs

     

    Are you using SSL ?

     

    https://docops.ca.com/ca-unified-infrastructure-management-probes/ga/en/alphabetical-probe-articles/ldap_response-ldap-server-response-monitoring/ldap_response-im-configuration#ldap_responseIMConfiguration-ImportTrustedRootCACertificate

     


    Can also test with other third party tools if getting similar issues

    https://www.petri.com/test-connectivity-to-an-active-directory-domain-controller-from-pc