Solved

How can I check/test LDAP Setting on Windows Server 2003

Posted on 2010-08-20
8
978 Views
Last Modified: 2013-12-24
We just installed a new SonicWall (TZ100) that we would like to integrate with our Active Directory on Windows Server 2003.

I have been following through the SonicWall Documentation, but I keep running into a connection issue.

Is there a way to check/test the LDAP setting on my Windows Server 2003 so that I can see what it is looking for an excepting?
0
Comment
Question by:AutomatedIT
  • 2
  • 2
  • 2
  • +2
8 Comments
 
LVL 29

Expert Comment

by:Rich Weissler
Comment Utility
You want to communicate directly with LDAP on your domain controller?  
From your command prompt:
ldp <name.of.DC>
0
 
LVL 17

Accepted Solution

by:
Kvistofta earned 500 total points
Comment Utility
I recommend you using a freeware ldap browser (try any of the 5 first hits for "free ldap browser" on google) before trying to configure your sonicwall. It will come more clear to you about the syntax of ldap settings if you first succeed in connecting with a standalone browser.

In general when you talk ldap to a windows server you need these settings:

username: cn=administrator,ou=users (or similar. Specify username and the containter where this user is)
password: password
Use secure ldap.

When you managed to contact the AD with your ldap browser it will be much easier for you to configure ldap-settings in your firewall.

Good luck!

As a reference, here is how I configure my Cisco ASA to authenticate users in AD over LDAP at home:

aaa-server LDAP protocol ldap
aaa-server LDAP (outside) host 192.168.1.51
ldap-base-dn CN=Users,DC=kvistofta,DC=local
ldap-scope subtree
ldap-naming-attribute sAMAccountName
ldap-login-password *
ldap-login-dn CN=admin,CN=Users,DC=kvistofta,DC=local
server-type microsoft

/Kvistofta
0
 
LVL 1

Author Comment

by:AutomatedIT
Comment Utility
Okay,  I have narrowed down my issue.  

It is not accepting the Administrator credentials for LDAP.  I tested on another network using the administrator credentials and it worked fine.  Guess that the administrator permissions have been specifically changed somehow.

Question:  I would like to setup an AD account to be solely used for LDAP communication.  How to I assign the appropriate permissions?
0
 
LVL 3

Expert Comment

by:superggg
Comment Utility
0
How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

 
LVL 1

Expert Comment

by:smtwkla
Comment Utility
What exactly is the message you get from your firewall when you test the connection? Did you try connecting with some other user name?

Remember you must use the user's full name and not the logon username. Make sure that the administrator account you are trying to use is in the OU you expect. There is a setting "User tree for login to server" in the Directory tab of the LDAP config. Make sure you got it right.

What is the exact message you are getting?
0
 
LVL 1

Author Comment

by:AutomatedIT
Comment Utility
Error 49: Invalid Credentials
0
 
LVL 17

Expert Comment

by:Kvistofta
Comment Utility
The problem is probably NOT the password but instead the way you specify the username. You cannot just say "administrator" but must use an X500-format, like in my example above: "CN=admin,CN=Users,DC=kvistofta,DC=local".

/Kvistofta
0
 
LVL 1

Expert Comment

by:smtwkla
Comment Utility
As Kvistofta says, It is not due to the password being wrong. It is due to the way you specify the credentials. Please read the sonicwall LDAP integration guide http://www.sonicwall.com/downloads/LDAP_Integration_Feature_Module.pdf
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

APEX (Application Express) is used to develop a web application from Oracle. SQL Workshop is one of the tools that comes with Oracle APEX to query or modify the database objects or to make any changes to the structure.
Learn about cloud computing and its benefits for small business owners.
Video by: Steve
Using examples as well as descriptions, step through each of the common simple join types, explaining differences in syntax, differences in expected outputs and showing how the queries run along with the actual outputs based upon a simple set of dem…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now