el 01-16-2014 12:18 PM
I've setup our Cisco 5508 controller with LDAP settings. Attached are screenshots of the setup. It seems as if the authentication is failing because the controller is adding a "5c" before my username and after my domain name. Any help is much appreciated.
Below are debugs showing what it does:
*aaaQueueReader: Jan 16 12:27:27.538: AuthenticationRequest: 0x2c74abc0
*aaaQueueReader: Jan 16 12:27:27.538: Callback.....................................0x10e475f0
*aaaQueueReader: Jan 16 12:27:27.538: protocolType.................................0x00100002
*aaaQueueReader: Jan 16 12:27:27.538: proxyState...................................68:A3:C4:0F:BD:14-00:00
*aaaQueueReader: Jan 16 12:27:27.538: Packet contains 2 AVPs (not shown)
*LDAP DB Task 1: Jan 16 12:27:27.538: ldapTask [1] received msg 'REQUEST' (2) in state 'IDLE' (1)
*LDAP DB Task 1: Jan 16 12:27:27.538: LDAP server 1 changed state to INIT
*LDAP DB Task 1: Jan 16 12:27:27.538: LDAP_OPT_REFERRALS = -1
*LDAP DB Task 1: Jan 16 12:27:27.538: ldapInitAndBind [1] called lcapi_init (rc = 0 - Success)
*LDAP DB Task 1: Jan 16 12:27:27.542: ldapInitAndBind [1] configured Method Authenticated lcapi_bind (rc = 0 - Success)
*LDAP DB Task 1: Jan 16 12:27:27.542: LDAP server 1 changed state to CONNECTED
*LDAP DB Task 1: Jan 16 12:27:27.542: disabled LDAP_OPT_REFERRALS
*LDAP DB Task 1: Jan 16 12:27:27.542: LDAP_CLIENT: UID Search (base=CN=Users,DC=lexis,DC=com, pattern=(&(objectclass=Person)(sAMAccountName=HBLEXIS\5cjoseph.spoon)))
*LDAP DB Task 1: Jan 16 12:27:27.543: LDAP_CLIENT: ldap_search_ext_s returns 0 -5
*LDAP DB Task 1: Jan 16 12:27:27.543: LDAP_CLIENT: Returned 1 msgs including 0 references
*LDAP DB Task 1: Jan 16 12:27:27.543: LDAP_CLIENT: Returned msg 1 type 0x65
*LDAP DB Task 1: Jan 16 12:27:27.544: LDAP_CLIENT : No matched DN
*LDAP DB Task 1: Jan 16 12:27:27.544: LDAP_CLIENT : Check result error 0 rc 1013
*LDAP DB Task 1: Jan 16 12:27:27.544: LDAP_CLIENT: Received no referrals in search result msg
*LDAP DB Task 1: Jan 16 12:27:27.544: LDAP_CLIENT: Received 1 attributes in search result msg
*LDAP DB Task 1: Jan 16 12:27:27.544: ldapAuthRequest [1] called lcapi_query base="CN=Users,DC=lexis,DC=com" type="Person" attr="sAMAccountName" user="HBLEXIS\5cjoseph.spoon" (rc = 0 - Success)d<-------------------------------------------------putting 5c in front
*LDAP DB Task 1: Jan 16 12:27:27.544: Handling LDAP response Authentication Failed
*LDAP DB Task 1: Jan 16 12:27:27.544: Authenticated bind : Closing the binded session
*LDAP DB Task 1: Jan 16 12:27:27.544: ldapClose [1] called lcapi_close (rc = 0 - Success)
*LDAP DB Task 1: Jan 16 12:27:27.544: LDAP server 1 changed state to IDLE
¡Resuelto! Ir a solución.
el 02-10-2014 01:12 PM
Glad to see this is resolved.
el 01-21-2014 03:50 PM
I see now what the problem was. I was trying to use an 802.1x connection directly to the LDAP server instead of through RADIUS. I have it up and working now in the production network.
Thanks
el 02-10-2014 01:12 PM
Glad to see this is resolved.
Descubra y salve sus notas favoritas. Vuelva a encontrar las respuestas de los expertos, guías paso a paso, temas recientes y mucho más.
¿Es nuevo por aquí? Empiece con estos tips. Cómo usar la comunidad Guía para nuevos miembros
Navegue y encuentre contenido personalizado de la comunidad