xsilver_FTNT
Staff
November 26, 2018

Hi,

I'd try the CLI ..

1. enable debug

diag debug reset

diag debug app fnbamd 7

diag debug enable

 

2. then test

diag test auth ldap <SERVER> <username> <password>

 

.. and fnbamd should let you know if the first regular bind failed, or the user wasn't found, or so.

I guess it's failing on the first bind, so the account used for the regular bind does not have sufficient rights or the correct password, or the FGT has no access to LDAP (some firewall on the way).

 

Alternatively .. diag sniff packet any 'host <LDAP-IP> and port <LDAP PORT 389>' 6 0 a, or sniff LDAP traffic from the GUI to see directly in the packets what the LDAP server said, if anything.
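The reply above suggests looking in the packets for what the LDAP server said. As an added example (not part of the original reply and not Fortinet code), this Python decoder reads the BindResponse from a plaintext LDAP capture and reports the result code plus the Active Directory reason. It assumes the TCP payload bytes have already been extracted from the sniffer output and that the server is Active Directory; the function names are illustrative and the sample message is constructed.

```python
import re
# Added example: function names are illustrative, SAMPLE is constructed.
# LDAP result codes (RFC 4511) that commonly come back on a bind.
RESULT_CODES = {0: "success", 32: "noSuchObject", 48: "inappropriateAuthentication",
                49: "invalidCredentials", 53: "unwillingToPerform"}
# Active Directory sub-codes found as "data XXX" in the diagnostic message.
AD_SUBCODES = {"525": "user not found", "52e": "wrong password",
               "532": "password expired", "533": "account disabled",
               "701": "account expired", "775": "account locked out"}

def read_tlv(buf, pos):
    """Decode one BER element at pos; return (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated BER header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the count of length octets
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated BER value")
    return tag, buf[pos:pos + length], pos + length

def parse_bind_response(payload):
    """Parse the TCP payload of one LDAP BindResponse (plaintext LDAP only)."""
    tag, msg, _ = read_tlv(payload, 0)
    if tag != 0x30:                       # LDAPMessage is a SEQUENCE
        raise ValueError("not an LDAPMessage")
    _, msg_id, pos = read_tlv(msg, 0)     # messageID INTEGER
    tag, op, _ = read_tlv(msg, pos)
    if tag != 0x61:                       # [APPLICATION 1] = BindResponse
        raise ValueError("not a BindResponse")
    _, code, pos = read_tlv(op, 0)        # resultCode ENUMERATED
    _, _dn, pos = read_tlv(op, pos)       # matchedDN (unused here)
    _, diag, _ = read_tlv(op, pos)        # diagnosticMessage
    code = int.from_bytes(code, "big")
    text = diag.decode("utf-8", "replace")
    m = re.search(r"\bdata ([0-9a-f]{3,4})\b", text, re.I)
    sub = m.group(1).lower() if m else None
    return {"message_id": int.from_bytes(msg_id, "big"),
            "result": RESULT_CODES.get(code, f"code {code}"),
            "ad_reason": AD_SUBCODES.get(sub), "diagnostic": text}

def tlv(tag, value):  # sample encoder: 4-byte long-form length, as AD sends
    return bytes([tag, 0x84]) + len(value).to_bytes(4, "big") + value

# Constructed sample: a failed bind with an AD-style diagnostic string.
SAMPLE = tlv(0x30, tlv(0x02, b"\x01") + tlv(0x61, tlv(0x0A, b"\x31") + tlv(0x04, b"")
    + tlv(0x04, b"80090308: LdapErr: DSID-00000000, comment: "
                b"AcceptSecurityContext error, data 52e, v0000")))
```

A result of invalidCredentials with reason "wrong password" on the first bind points at the service account configured on the FortiGate, while "user not found" points at the bind DN itself. No response at all in the capture points at connectivity, and none of this applies to LDAPS, where the payload is encrypted.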

Kubosock
Author
New Member
November 27, 2018

Hi,

Thanks xsilver.

A major benefit of Polling mode is that no FSSO DC Agents are required. So I configured LDAP on the Windows server. The provider said LDAP is at fault.