nitass
Jul 06, 2012Employee
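the configuration looks okay to me. if i were you, i would try normal ldap (plain text) and capture packets to see what is wrong. plain ldap sends the bind password and the user's credentials unencrypted, so use it only while troubleshooting and set ssl back to enabled afterwards.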
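this is my configuration. note that default-role admin applies to remote users that have no other role assigned, which is why the audit log line at the end shows level=Administrator.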
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list auth source
auth source {
type active-directory
}
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list auth remote-user
auth remote-user {
default-role admin
remote-console-access tmsh
}
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list auth ldap
auth ldap system-auth {
bind-dn cn=administrator,cn=users,dc=abc,dc=com
bind-pw password
login-attribute samaccountname
port 636
search-base-dn DC=abc,DC=com
servers { 172.28.19.78 }
ssl enabled
}
[root@ve11a:Active:In Sync] config tail /var/log/secure
Jul 6 19:28:03 ve11a notice httpd[31839]: 01070417:5: AUDIT - user tasmania - RAW: httpd(mod_auth_pam): user=tasmania(tasmania) partition=[All] level=Administrator tty=/usr/bin/tmsh host=192.168.206.55 attempts=1 start="Fri Jul 6 19:28:03 2012".