0 Replies Latest reply: Sep 13, 2011 8:17 AM by 887960

ILOM 3.0 Active Directory authentication (SB6000)

887960 Newbie
Hi

Does anyone have any experience of configuring AD user authentication under the ILOM user management/AD tab with access level obtained from the AD server? Unfortunately, the ILOM documentation is a bit vague as far as troubleshooting is concerned.

I am able to authenticate with AD if the defaultRole property is set to Administrator or Operator, but if I set it to None (server authentication), the Administrator Group table membership is not honoured. I have double-checked my group membership in AD.

These are the Trace logs from the device:

10 ActDir Log critical Tue Sep 13 07:33:25 2011 (ActDir) authentication status: auth-ERROR
9 ActDir Log major Tue Sep 13 07:33:25 2011 (ActDir) server-authenticate: auth-error idx 1 cfg-server 192.168.0.45
8 ActDir Log major Tue Sep 13 07:33:25 2011 (ActDir) ServerUserAuth - Error 0, error binding user to Authentication Server
7 ActDir Log critical Tue Sep 13 07:33:25 2011 (ActDir) _BindAUser: bind error. -1:-1, Can't contact LDAP server. Check cert-file, network connectivity, local date/time
6 ActDir Log critical Tue Sep 13 07:33:25 2011 (ActDir) _BindAUser: bind error. -1:-1, Can't contact LDAP server. Check cert-file, network connectivity, local date/time
5 ActDir Log major Tue Sep 13 07:33:25 2011 (ActDir) server-authenticate: auth-error idx 0 cfg-server 192.168.0.44
4 ActDir Log major Tue Sep 13 07:33:25 2011 (ActDir) ServerUserAuth - Error 0, failed to validate user group access <- not sure why this is failing???
3 ActDir Log minor Tue Sep 13 07:33:25 2011 (ActDir) _BindAUser: Success joe@blogs.com    <- successful bind with AD
2 ActDir Log minor Tue Sep 13 07:33:25 2011 (ActDir) module loaded, MOD-VER:Mon Aug 3 15:57:30 PDT 2009
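
A triage aid for the trace above, added here as an example and not part of the original post or of ILOM: it splits the ActDir lines per configured server and separates a failed bind from a successful bind followed by a failed group check. The function names are hypothetical, and it assumes that sequence numbers run chronologically and that each `server-authenticate` line closes the attempt logged just before it.

```python
import re

# Trace lines copied from the post above (poster's "<-" annotations removed).
SAMPLE = """\
10 ActDir Log critical Tue Sep 13 07:33:25 2011 (ActDir) authentication status: auth-ERROR
9 ActDir Log major Tue Sep 13 07:33:25 2011 (ActDir) server-authenticate: auth-error idx 1 cfg-server 192.168.0.45
8 ActDir Log major Tue Sep 13 07:33:25 2011 (ActDir) ServerUserAuth - Error 0, error binding user to Authentication Server
7 ActDir Log critical Tue Sep 13 07:33:25 2011 (ActDir) _BindAUser: bind error. -1:-1, Can't contact LDAP server. Check cert-file, network connectivity, local date/time
6 ActDir Log critical Tue Sep 13 07:33:25 2011 (ActDir) _BindAUser: bind error. -1:-1, Can't contact LDAP server. Check cert-file, network connectivity, local date/time
5 ActDir Log major Tue Sep 13 07:33:25 2011 (ActDir) server-authenticate: auth-error idx 0 cfg-server 192.168.0.44
4 ActDir Log major Tue Sep 13 07:33:25 2011 (ActDir) ServerUserAuth - Error 0, failed to validate user group access
3 ActDir Log minor Tue Sep 13 07:33:25 2011 (ActDir) _BindAUser: Success joe@blogs.com
2 ActDir Log minor Tue Sep 13 07:33:25 2011 (ActDir) module loaded, MOD-VER:Mon Aug 3 15:57:30 PDT 2009
"""

# <seq> ActDir Log <level> <weekday month day time year> (ActDir) <message>
LINE = re.compile(r"^(\d+)\s+ActDir\s+Log\s+(critical|major|minor)\s+"
                  r"\w{3}\s+\w{3}\s+\d+\s+[\d:]+\s+\d{4}\s+\(ActDir\)\s+(.*)$")
SERVER = re.compile(r"server-authenticate: auth-error idx (\d+) cfg-server (\S+)")

def parse(text):
    """Return (seq, level, message) tuples, oldest first (assumed: seq is chronological)."""
    events = []
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if m:
            events.append((int(m.group(1)), m.group(2), m.group(3)))
    return sorted(events)

def classify(messages):
    """Label one server attempt from the messages logged before its auth-error line."""
    if any("bind error" in s for s in messages):
        return "bind-failed"            # transport, certificate or clock problem
    bound = any("_BindAUser: Success" in s for s in messages)
    denied = any("failed to validate user group access" in s for s in messages)
    return "bound-but-group-check-failed" if bound and denied else "unknown"

def per_server(text):
    """Map each cfg-server address to the failure class of its attempt."""
    result, pending = {}, []
    for _seq, _level, msg in parse(text):
        m = SERVER.search(msg)
        if m:                           # this line closes the current attempt
            result[m.group(2)] = classify(pending)
            pending = []
        else:
            pending.append(msg)
    return result
```

On the posted trace, 192.168.0.44 accepted the credentials and failed only at the group check, while 192.168.0.45 never completed a bind, so the two servers need separate investigation.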
