Security

HPUX authentication with WinAD 2019 setup failure

 
cwheeler
New Member

HPUX authentication with WinAD 2019 setup failure

We are trying to setup authentication by HPUX with our Windows AD servers.
AD servers are Win2019 set to Win2016 Schema level. Using the 5.03 HPUX LDAP client.

The script did update the AD Schema (I now see new properties for user).
But it "cannot find the HPUX" because from what I see it does not add he machine account.
I tried to add the HPUX machine manually in AD and the setup script still fails.
the AD machine can ping the HPUX by name and other fw ports have been opened (there is a fw between the two)
the AD user account used for this does have Domain Admin and Schema Admin rights.

This is my command:

 

./autosetup -C "OU=uxsvr,OU=machines,OU=softvoyage,DC=winad,DC=softvoyage,DC=com" -D "CN=hpux,OU=users,OU=softvoyage,DC=winad,DC=softvoyage,DC=com" -h servername.winad.softvoyage.com -U "OU=softvoyage,DC=winad,DC=softvoyage,DC=com" -v 3

 


This is the output:

 

*Creating environment variable file /var/tmp/ldap/Bigbertha.env...
***LDAP_BINDDN=CN=hpux,OU=users,OU=softvoyage,DC=winad,DC=softvoyage,DC=com
***LDAP_BINDCRED=<editedpassword>
***LDAP_HOSTCRED=<edithostcred>
*Checking if computer account Bigbertha exists...
**ldaphostlist -L -n Bigbertha
ERROR:    LST_SEARCH_FAILED:
          Search operation failed. ADDITIONAL INFO: No such object. matched:
          DC=winad,DC=softvoyage,DC=com. 0000208D: NameErr: DSID-03100288,
          problem 2001 (NO_OBJECT), data 0, best match of:
        'DC=winad,DC=softvoy
          age,DC=com'.

ERROR: Failed checking computer entry Bigbertha: 65280

 

 

note: I have made some small edits in the above to anonymize some information... 

Any suggestions? Thanks in advance

1 REPLY 1
Saajan_d
HPE Pro

Re: HPUX authentication with WinAD 2019 setup failure

1. windows 2019 and 2016 is not support and tested for HP-UX

2. check with 636 port with autosetup

3. check whether 636, 389, kerberos ports 88. 464, 749, 750 open from the router/firewall/windows AD software firelwall end.

4. delete the computer from the AD and the recheck again with autosetup

5. check the certificate is getting provided properly with the openssl command "openssl s_client -connect <WINDOWS-AD-2019-Server-IP-Address>:636"

6. check with ldapsearch for the base DN and the DN full path whether proper or not


I am a HPE Employee

Accept or Kudo