Issue with OneView 3.10 and trying to add AD group

sysadmin4151 · ‎07-28-2017

I was able to add the directory itself, but fail to add a group for authentication. I have verified the group name as well as the CN. I can find the group using other ldap tools.

Any ideas?

I get one of the following errors, depending on what I input.

Unable to find the group CN=PTI - Y&Q ADF Administrator@domain1.domain2.domain3.net in the enterprise directory office.

or

Invalid search input [CN=Copy of test,CN=Definitions,CN=5.0,CN=StorageCentral SRM,CN=WQuinn,DC=domain1,DC=domain2,DC=domain3,DC=net], was provided with the input.

Which the CN listed isn't even in our domain.

I tried, the following formats;

CN=PTI - Y&Q ADF Administrator@domain1.domain2.domain3.net,OU=OU4,OU=OU3,OU=U2,OU=OU1,DC=office,DC=adroot,DC=bmogc,DC=net

CN=PTI - Y&Q ADF Administrator@domain1.domain2.domain3.net

PTI - Y&Q ADF Administrator@domain1.domain2.domain3.net

CN=PTI - Y&Q ADF Administrator,OU=OU4,OU=OU3,OU=U2,OU=OU1,DC=office,DC=adroot,DC=bmogc,DC=net

CN=PTI - Y&Q ADF Administrator,OU=OU4,OU=OU3,OU=U2,OU=OU1

None of which work.

Here is the directory settings

Directory= domain1

Directory Type = Active Directory

Base DN = DC=domain1,DC=domain2,DC=domain3,DC=net

IP or host name = domain1.domain2.domain3.net

Port: 636

sysadmin4151 · ‎07-28-2017

My theory is its the ampersand(&), I'm not sure how to make it work with the ampersand. I tried a different group without an ampersand and it worked.

ChrisLynchHPE · ‎07-31-2017

That certainly looks like a defect. The & (Aapersand) is a legal character for LDAP distinguished names. My only suggest for you is to remove the & character from your group name until we release a fix.

ChrisLynchHPE · ‎07-31-2017

Also, can you please open a support case?

ChrisLynchHPE · ‎08-23-2017

I wanted to follow up on this. We haven't been able to reproduce this issue. If you are still experiencing this issue, please open a support case, and you will need to supply an appliance Support Dump.