- Community Home
- >
- Software
- >
- HPE OneView
- >
- Re: AD auth issues still
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-20-2015 03:16 AM
01-20-2015 03:16 AM
AD auth issues still
Hi All,
Really struggling to get AD auth to work despite reverting to online help and the forum!
When adding the directory I've verified the search context i'm using using using dsquery -
dsquery user -name svc_oneview
This returns
"CN=svc_oneview,OU=Service Accounts,DC=XXXXXX,DC=com"
Search context has then been configured uisng
Box 1 = CN
Box 2 = OU=Service Accounts
Box3 = DC=XXXXXX,DC=com
If i put anything other than CN in the first box it fails validation. I have tried cn=svc_oneview, just oneview etc but to no avail.
If i go with just CN, when adding the directory group it fails with 'all the servers configured for this directory are unreachable with the given credentials'
Anyone able to help?
- Tags:
- LDAP
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-20-2015 04:47 AM
01-20-2015 04:47 AM
Re: AD auth issues still
No idea what the issue was - working now.
Just removed and re-added all config and all good. Strange but i'll take it!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-20-2015 06:09 AM
01-20-2015 06:09 AM
Re: AD auth issues still
While I am glad you are able to get AD auth working, the fields can be a bit confusing. Field 1 value is either UID or CN, with nothing else. This tells the LDAP Client on the appliance what type of directory you are trying to configure; either LDAP (UID) or Active Directory (CN). Field 2 is the base search context (can either be a single nested OU value [i.e. OU=admins,OU=contoso] , or up to 4 contantinated nested OU values [ i.e. OU=admins1,OU=contoso+OU=admins2,OU=contoso+OU=admins3,OU=contosoOU=admins4,OU=contoso]), and Field 3 is the root to the directory where the appliance will bind to (also using Field 2 values.)
Do know that we are working on improvements in this section of the UI.
I am an HPE employee
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-30-2015 07:02 AM
01-30-2015 07:02 AM
Re: AD auth issues still
I am curious what version of the OneView appliance are you running?
We are looking to upgrade to v1.20 next week, and AD authentication is part of our upgrade plan.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-09-2015 08:36 AM - edited 06-09-2015 08:39 AM
06-09-2015 08:36 AM - edited 06-09-2015 08:39 AM
Re: AD auth issues still
Hello,
I had some issue with HP OneView and AD certificate and others authentication.
Always the same message :
"Cannot authenticate the server with the given credentials, search context and certificate.
Verify that the server is active and the user credentials, search context and certificate are correct."
After few hours, i'd decided to reboot. And now all is OK, with same parameters, accounts and certificate.
My DOMAIN is now visible in Oneview.
Version : 1.20.03
Regards,
Loïc
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-26-2015 09:54 AM
06-26-2015 09:54 AM
Re: AD auth issues still
I am still having issues getting this to work. I have tried about every combination known to man... I can't imagine why HP would put something like this out without detailed documentation on how to set it up. I have been trying to get this working for days now... Always the same errors. I tried the reboot as well since it helped another user... This is what I have setup...
Field 1 CN
Field 2 OU=Users,OU=Domain.com
Field 3 DC=domain,DC=net
(Example:Field1: CN / UID Field2: OU=example.com, OU=Users Field3: DC=examplecorp, DC=net)
I do have directory servers setup. There is no real documentation on this part that I can find either... Requirements?
The account I want to use is in the default Users OU. I am going by what HP says shoudl be in there according to the limited documentation on this subject.
Here is the error...
Any help would be appreciated.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-01-2015 08:33 PM - edited 08-14-2015 11:10 AM
07-01-2015 08:33 PM - edited 08-14-2015 11:10 AM
Re: AD auth issues still
We do have detailed documentation on how to configure the LDAP/Active Directory Authentication feature of HP OneView. It is documented in both the User Guide (look at Appendix D on Page 402) and the Deployment and Management Guide (starting on Page 108, and I'm the author of that document). I have linked to the current versions of both.
Typical issues are DNS (wrong DNS A record for specified Domain Controllers), LDAP OU structure, and missing SSL Certs (for Secure LDAP) on Domain Controllers/LDAP Servers. You must include the OU's where the user account and directory security groups are located in the second field.
I am an HPE employee
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-02-2015 05:37 PM
08-02-2015 05:37 PM
Re: AD auth issues still
Documentation provides a lot of good information on setting up the proper context for the AD authentication. I need help in getting the SSL certificate, what does it require a certificate? Is there a option to bypass the proces or at least document the process better. I have found several articals on it and all are so convoluted it not worth the time, and I'll need to start looking for another tool, life is too short to spend hours settup the SSL intergration. I may be completey stupid but I need some kind of "sock puppet" version of the directions.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-10-2015 11:04 AM
08-10-2015 11:04 AM
Re: AD auth issues still
Chris, the links are not working "We are sorry but your search produced 0 results." for both. I'm also getting errors with adding AD intergration....
Verify that the server is active and the user credentials, search context and certificate are correct."
I tried just about everything. this wont be good come audit.
OneView 1.20-5
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-14-2015 11:12 AM
08-14-2015 11:12 AM
Re: AD auth issues still
Links have been fixed.
Also, check to make sure you have the correct Public Certificate of your Domain Controllers. You should never export the private key, only the Base64 public cert.
I am an HPE employee