HPE Community
HPE OneView
1753511 Members
5194 Online
108795 Solutions
New Discussion юеВ

Re: Issue with OneView 3.10 and trying to add AD group

 
sysadmin4151
Advisor

тАО07-28-2017 09:28 AM

тАО07-28-2017 09:28 AM

Issue with OneView 3.10 and trying to add AD group

I was able to add the directory itself, but fail to add a group for authentication. I have verified the group name as well as the CN. I can find the group using other ldap tools.

Any ideas?

I get one of the following errors, depending on what I input.

 

Unable to find the group CN=PTI - Y&Q ADF Administrator@domain1.domain2.domain3.net in the enterprise directory office.

or

Invalid search input [CN=Copy of test,CN=Definitions,CN=5.0,CN=StorageCentral SRM,CN=WQuinn,DC=domain1,DC=domain2,DC=domain3,DC=net], was provided with the input.

Which the CN listed isn't even in our domain.

I tried, the following formats;

CN=PTI - Y&Q ADF Administrator@domain1.domain2.domain3.net,OU=OU4,OU=OU3,OU=U2,OU=OU1,DC=office,DC=adroot,DC=bmogc,DC=net

CN=PTI - Y&Q ADF Administrator@domain1.domain2.domain3.net

PTI - Y&Q ADF Administrator@domain1.domain2.domain3.net

CN=PTI - Y&Q ADF Administrator,OU=OU4,OU=OU3,OU=U2,OU=OU1,DC=office,DC=adroot,DC=bmogc,DC=net

CN=PTI - Y&Q ADF Administrator,OU=OU4,OU=OU3,OU=U2,OU=OU1

None of which work.

Here is the directory settings

Directory= domain1

Directory Type = Active Directory

Base DN = DC=domain1,DC=domain2,DC=domain3,DC=net

IP or host name = domain1.domain2.domain3.net

Port: 636

1 person had this problem.
0 Kudos
Reply
5 REPLIES 5
sysadmin4151
Advisor

тАО07-28-2017 11:05 AM

тАО07-28-2017 11:05 AM

Re: Issue with OneView 3.10 and trying to add AD group

My theory is its the ampersand(&), I'm not sure how to make it work with the ampersand. I tried a different group without an ampersand and it worked.

0 Kudos
Reply
ChrisLynch
HPE Pro

тАО07-31-2017 10:07 AM - edited тАО07-31-2017 10:10 AM

тАО07-31-2017 10:07 AM - edited тАО07-31-2017 10:10 AM

Re: Issue with OneView 3.10 and trying to add AD group

That certainly looks like a defect.  The & (Aapersand) is a legal character for LDAP distinguished names.  My only suggest for you is to remove the & character from your group name until we release a fix.


I am an HPE employee

Accept or Kudo

0 Kudos
Reply
ChrisLynch
HPE Pro

тАО07-31-2017 10:18 AM

тАО07-31-2017 10:18 AM

Re: Issue with OneView 3.10 and trying to add AD group

Also, can you please open a support case?


I am an HPE employee

Accept or Kudo

0 Kudos
Reply
ChrisLynch
HPE Pro

тАО08-23-2017 08:13 PM

тАО08-23-2017 08:13 PM

Re: Issue with OneView 3.10 and trying to add AD group

I wanted to follow up on this.  We haven't been able to reproduce this issue.  If you are still experiencing this issue, please open a support case, and you will need to supply an appliance Support Dump.


I am an HPE employee

Accept or Kudo

0 Kudos
Reply
memogarcia
Occasional Visitor

тАО06-28-2018 02:25 AM - edited тАО06-28-2018 04:25 AM

тАО06-28-2018 02:25 AM - edited тАО06-28-2018 04:25 AM

Re: Issue with OneView 3.10 and trying to add AD group

Hi, is there any updates on this issue? I'm having the exact same issue while connecting to OpenLDAP, the query that OneView seems to be making doesn't even matches the group I'm using

SRCH base="ou=Users,dc=acc,dc=gvp,dc=domain,dc=com" scope=2 deref=3 filter="(|(member=uid=user,ou=users,dc=acc,dc=gvp,dc=kpn,dc=org)(uniqueMember=uid=user,ou=users,dc=acc,dc=domain,dc=com))"

and my groups are:

cn=nfvi_users,dc=Groups,dc=acc,dc=gvp,dc=domain,dc=com

 I'm using OneView  3.10.04-0299553

And I'm missing something on the configuration maybe? 

Edit 1:

Yes, It was a misconfiguration, I did not add the ou=groups to my OneView configuration. but now I have another question.

Is OneView always making not-bind queries to OpenLDAP? some other tools like SSSD allows you to make binded queries, does OneView supports this as well?

0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.