OA login through LDAP

Occasional Contributor

I've been trying to integrate an OpenLDAP server (on CentOS) with Onboard Administrator. I've already set up the slapd server with SSL support, loaded self-created certificates onto the OA and created a simple directory structure. When testing the directory settings within OA I'm able to pass all the tests but User Authorization. I've tried to do some research to solve the problem but haven't found anything useful yet. The message from OA is like this:

"Initiating Directory Settings diagnostic for server
Accepting Directory Server certificate for /C=pl/ST=ds/L=wroclaw/O=nk/OU=infra/CN=hpsim/ signed by /C=pl/ST=ds/O=nk/OU=infra/CN=hpsim/
Warning: certificate does not match Directory Server Address

Test user cn=tlemanski,ou=users,dc=nk,dc=pl authenticated.
Unable to authorize test user.
Some diagnostics FAILED for server
Tests complete.

I can provide more information if needed. Any help will be appreciated.
Honored Contributor

Re: OA login through LDAP

OA firmware v2.51?
Occasional Contributor

Re: OA login through LDAP

Was it a suggestion or a question? ;)
Currently we have 2.41 within this enclosure.
Honored Contributor

Re: OA login through LDAP

Well, it was more of a question I guess. Looking at the release notes, there don't appear to be any fixes related to LDAP in 2.51, so I'm not sure upgrading will necessarily help.

I know that LDAP authentication works with MS AD as I've messed with that before but don't have any exposure to OpenLDAP.

Have you tried tweaking your search strings or tried using a different username format?
Occasional Contributor

Re: OA login through LDAP

Yep, I have already tried it.

This is my simple config:

dn: dc=nk,dc=pl
objectClass: top
objectClass: organization
objectClass: dcObject
dc: nk
o: New Kent

# groups,
dn: ou=groups,dc=nk,dc=pl
objectClass: organizationalUnit
ou: groups
description: Ludzie

# people,
dn: ou=people,dc=nk,dc=pl
objectClass: organizationalUnit
ou:: cGVvcGxlIA==
description: Ludziska

# smith, people,
dn: cn=smith,ou=people,dc=nk,dc=pl
objectClass: person
cn: smith
sn: smyf
userPassword:: ZHVwYQ==

# itpeople, groups,
dn: cn=itpeople,ou=groups,dc=nk,dc=pl
objectClass: groupOfNames
cn: itpeople
description: IT GROUP
member: cn=smith,ou=people,dc=nk,dc=pl

# root,
dn: cn=root,dc=nk,dc=pl
objectClass: organizationalRole
cn: root

# search result
search: 2
result: 0 Success

# numResponses: 7
# numEntries: 6

In OA I've got:
Directory Group:
Directory Settings:
Search context:

The certificate is uploaded and I'm trying to log in as user smith with the password set up within his entry.