- Community Home
- >
- Servers and Operating Systems
- >
- HPE ProLiant
- >
- Servers - General
- >
- Re: Console Switch Active Directory problems
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-12-2005 08:44 PM
тАО05-12-2005 08:44 PM
Console Switch Active Directory problems
we finally managed to integrate the console switch into our active directory, but discovered a really annoying limitation:
It looks like the LDAP software cannot handle queries that contain commas and slashes (, and /). If we try to authenticate with an account that has these special characters in its name, authentication will fail. If we remove the special characters from the account name it works like expected.
Is there any workaround for this issue? Whom should I contact to have this obvious bug fixed?
Thanks and best regards,
Andreas
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-16-2005 06:20 AM
тАО05-16-2005 06:20 AM
Re: Console Switch Active Directory problems
You will have limitations and it is not considered a bug. The names of security principal objects can contain all Unicode characters except the special LDAP characters defined in RFC 2253. This list of special characters includes: a leading space; a trailing space; and any of the following characters: # , + " \ < > ;
This link can be used as a starting place for further information:
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/ServerHelp/232d2aab-b33b-4bf7-9c8c-bb659bf6a35b.mspx
Thanks.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-16-2005 06:24 AM
тАО05-16-2005 06:24 AM
Re: Console Switch Active Directory problems
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-19-2005 07:52 PM
тАО05-19-2005 07:52 PM
Re: Console Switch Active Directory problems
thank you for your answer.
Let me elaborate on our situation.
The user accounts (several 10.000) in our AD all have commas and slashes in their "distinguished name" (the cn-attribute), but not in the account name (the sAMaccountname-attribute). At least in Europe it is very common to have a string like "Surname, Forename..." as cn-attribute, so I don't think that this is a very unusual situation.
It is FALSE that the cn-attribute must not contain special characters. It is TRUE that special characters in attributes must be masked (e.g. with a preceding backslash). Please see RFC2254 for details.
If an application queries the AD for a cn-name via LDAP that contains special characters it will receive an answer that is correctly masked.
The problem now is that the application does not correctly interpret the masking characters or just ignores or removes them before it re-uses the answer for later queries. If it correctly preserved the masking subsequent LDAP queries would not fail.
So, this is indeed a bug in the console switch software.
Let me repeat my original question: I want to address that issue to the developers. I do not insist on having it fixed. I just want to be helpful and increase the chance that this bug will be fixed in a future update of the software, so that it might be of use for us some day.
Whom should I contact to achieve this?
Thank you and best regards
Andreas
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-23-2005 04:00 AM
тАО05-23-2005 04:00 AM
Re: Console Switch Active Directory problems
Thank you so much for the additional information in your last email. I have forwarded this info to the developer. We will confirm this issue and hope to have a bug fix in the next release or future product. If we need additional information regarding this issue can we contact you through this forum?
Regards,
Alex
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-23-2005 11:47 PM
тАО05-23-2005 11:47 PM
Re: Console Switch Active Directory problems
yes, please contact me through the forum or write e-mail to
andreas.peetz(at)sanofi-aventis.com
Thank you for your help
Andreas
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-14-2005 10:55 AM
тАО06-14-2005 10:55 AM
Re: Console Switch Active Directory problems
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-15-2005 01:37 AM
тАО06-15-2005 01:37 AM
Re: Console Switch Active Directory problems
We suggest that you follow Appendix A exactly and change one parameter at a time until it fits your organization. If you have already done this, please list every difference that you have made from the tutorial.
Regards,
Alex
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-15-2005 10:13 AM
тАО06-15-2005 10:13 AM
Re: Console Switch Active Directory problems
Ok so here's my confusion...
If I'm understanding your instructions correctly, in order for directory integration to function properly, we would need to reorganize our structure to accommodate the appliance? I thought that the appliance could be configured to work with our existing environment. We are not set up as easily as the example is. For example because we have nested OU's my search dn string reads similar to this:
cn=kvmquery,ou=My Accounts,ou=MyAgency,dc=agency,dc=com. And the OU container isn't named KVMLDAP and not located directly under the root.
So, does the OU container that holds the groups and switches need to be directly off of the root to function?
And as in the example, does the DC have to be directly connected to the switch?
Once again I appreciate your input.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-15-2005 10:25 AM
тАО06-15-2005 10:25 AM
Re: Console Switch Active Directory problems
Thanks,
Alex