0 Replies Latest reply: Sep 13, 2011 10:17 AM by 887960

    ILOM 3.0 Active Directory authentication (SB6000)

    887960
      Hi

      Does anyone have any experience of configuring AD user authentication under the ILOM user management/AD tab with access level obtained from the AD server? Unfortunately, the ILOM documentation is a bit vague as far as troubleshooting is concerned.

      I am able to authenticate with AD if the defaultRole property is set to Administrator or Operator, but if I set it to None (server authentication), the Administrator Group table membership is not honoured. I have double-checked my group membership in AD.

      These are the Trace logs from the device:

      10 ActDir Log critical Tue Sep 13 07:33:25 2011 (ActDir) authentication status: auth-ERROR
      9 ActDir Log major Tue Sep 13 07:33:25 2011 (ActDir) server-authenticate: auth-error idx 1 cfg-server 192.168.0.45
      8 ActDir Log major Tue Sep 13 07:33:25 2011 (ActDir) ServerUserAuth - Error 0, error binding user to Authentication Server
      7 ActDir Log critical Tue Sep 13 07:33:25 2011 (ActDir) _BindAUser: bind error. -1:-1, Can't contact LDAP server. Check cert-file, network connectivity, local date/time
      6 ActDir Log critical Tue Sep 13 07:33:25 2011 (ActDir) _BindAUser: bind error. -1:-1, Can't contact LDAP server. Check cert-file, network connectivity, local date/time
      5 ActDir Log major Tue Sep 13 07:33:25 2011 (ActDir) server-authenticate: auth-error idx 0 cfg-server 192.168.0.44
      4 ActDir Log major Tue Sep 13 07:33:25 2011 (ActDir) ServerUserAuth - Error 0, failed to validate user group access <- not sure why this is failing???
      3 ActDir Log minor Tue Sep 13 07:33:25 2011 (ActDir) _BindAUser: Success joe@blogs.com    <- successful bind with AD
      2 ActDir Log minor Tue Sep 13 07:33:25 2011 (ActDir) module loaded, MOD-VER:Mon Aug 3 15:57:30 PDT 2009
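
Added example, not part of the original post and not ILOM code: a small triage script that reorders the trace above chronologically and separates what happened on each configured server. It assumes that the events logged before a `server-authenticate` summary line belong to the server named on that line; the stage labels and function names are this example's own.

```python
import re

# Trace lines copied from the post (poster's "<-" notes removed), newest first.
TRACE = """\
10 ActDir Log critical Tue Sep 13 07:33:25 2011 (ActDir) authentication status: auth-ERROR
9 ActDir Log major Tue Sep 13 07:33:25 2011 (ActDir) server-authenticate: auth-error idx 1 cfg-server 192.168.0.45
8 ActDir Log major Tue Sep 13 07:33:25 2011 (ActDir) ServerUserAuth - Error 0, error binding user to Authentication Server
7 ActDir Log critical Tue Sep 13 07:33:25 2011 (ActDir) _BindAUser: bind error. -1:-1, Can't contact LDAP server. Check cert-file, network connectivity, local date/time
6 ActDir Log critical Tue Sep 13 07:33:25 2011 (ActDir) _BindAUser: bind error. -1:-1, Can't contact LDAP server. Check cert-file, network connectivity, local date/time
5 ActDir Log major Tue Sep 13 07:33:25 2011 (ActDir) server-authenticate: auth-error idx 0 cfg-server 192.168.0.44
4 ActDir Log major Tue Sep 13 07:33:25 2011 (ActDir) ServerUserAuth - Error 0, failed to validate user group access
3 ActDir Log minor Tue Sep 13 07:33:25 2011 (ActDir) _BindAUser: Success joe@blogs.com
2 ActDir Log minor Tue Sep 13 07:33:25 2011 (ActDir) module loaded, MOD-VER:Mon Aug 3 15:57:30 PDT 2009
"""

LINE = re.compile(r"^\s*(\d+)\s+ActDir\s+Log\s+\w+\s+.*?\(ActDir\)\s+(.*)$")
SERVER = re.compile(r"server-authenticate: \S+ idx \d+ cfg-server (\S+)")
STAGES = (  # substring in message -> stage label (labels are this example's own)
    ("_BindAUser: Success", "bind-ok"),
    ("_BindAUser: bind error", "bind-failed"),
    ("failed to validate user group access", "group-check-failed"),
)

def triage(trace):
    """Return {server: [stages]} with stages in chronological order.

    Assumption: events logged before a 'server-authenticate' summary
    line belong to the server named on that line.
    """
    events = sorted((int(m.group(1)), m.group(2))
                    for m in map(LINE.match, trace.splitlines()) if m)
    per_server, pending = {}, []
    for _, msg in events:
        hit = SERVER.search(msg)
        if hit:  # summary line closes the attempt against this server
            per_server[hit.group(1)] = pending
            pending = []
            continue
        for needle, stage in STAGES:
            if needle in msg and stage not in pending:
                pending.append(stage)
    return per_server

def diagnose(stages):
    if stages == ["bind-ok", "group-check-failed"]:
        return "credentials accepted; group membership check failed"
    if "bind-failed" in stages:
        return "server not reached: check cert-file, network, date/time"
    return "unclassified"

if __name__ == "__main__":
    for server, stages in triage(TRACE).items():
        print(server, stages, "->", diagnose(stages))
```

Read this way, the trace shows two different failures: an authorization failure on 192.168.0.44 after a successful bind, followed by a connection-level failure on 192.168.0.45.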