Hello guys,
I made an LDAP config with external authentication. I created a user on the CMDB side, but it gives an error when I test it. What could be the cause?
Hi
Can you share the error?
Created on 11-13-2023 01:50 AM Edited on 11-13-2023 01:51 AM
When I test it, it gives the error "Invalid user name or password." but I created a user on CMDB and assigned it to external and there is a user on Active Directory.
Hi adem_netsys,
In this case, double-check the External authentication profile you have assigned to that external user in Settings>General>External authentication profile.
You must specify the DN and port 389 for LDAP.
If it still does not work, check communication with the LDAP server with a pcap and verify the response:
tcpdump -i any host <LDAP_IP> and port 389 -vvv
Regards
I think I see the problem. These steps alone are not enough; we need to do credential and discovery first. Do you think it is necessary to keep the users in the tenant structure on the super side or where the tenant is?
I want to make sure if we need to define as credential for external auth definitions to be successful.
If these are users that will operate only on specific tenants, then it is better to move them where the tenant is, by organization. Basically, configure the administration on the need-to-know principle.