Solved

How can I check/test LDAP Setting on Windows Server 2003

Posted on 2010-08-20
8
998 Views
Last Modified: 2013-12-24
We just installed a new SonicWall (TZ100) that we would like to integrate with our Active Directory on Windows Server 2003.

I have been following through the SonicWall Documentation, but I keep running into a connection issue.

Is there a way to check/test the LDAP setting on my Windows Server 2003 so that I can see what it is looking for an excepting?
0
Comment
Question by:AutomatedIT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +2
8 Comments
 
LVL 30

Expert Comment

by:Rich Weissler
ID: 33485136
You want to communicate directly with LDAP on your domain controller?  
From your command prompt:
ldp <name.of.DC>
0
 
LVL 17

Accepted Solution

by:
Kvistofta earned 500 total points
ID: 33485204
I recommend you using a freeware ldap browser (try any of the 5 first hits for "free ldap browser" on google) before trying to configure your sonicwall. It will come more clear to you about the syntax of ldap settings if you first succeed in connecting with a standalone browser.

In general when you talk ldap to a windows server you need these settings:

username: cn=administrator,ou=users (or similar. Specify username and the containter where this user is)
password: password
Use secure ldap.

When you managed to contact the AD with your ldap browser it will be much easier for you to configure ldap-settings in your firewall.

Good luck!

As a reference, here is how I configure my Cisco ASA to authenticate users in AD over LDAP at home:

aaa-server LDAP protocol ldap
aaa-server LDAP (outside) host 192.168.1.51
ldap-base-dn CN=Users,DC=kvistofta,DC=local
ldap-scope subtree
ldap-naming-attribute sAMAccountName
ldap-login-password *
ldap-login-dn CN=admin,CN=Users,DC=kvistofta,DC=local
server-type microsoft

/Kvistofta
0
 
LVL 1

Author Comment

by:AutomatedIT
ID: 33485921
Okay,  I have narrowed down my issue.  

It is not accepting the Administrator credentials for LDAP.  I tested on another network using the administrator credentials and it worked fine.  Guess that the administrator permissions have been specifically changed somehow.

Question:  I would like to setup an AD account to be solely used for LDAP communication.  How to I assign the appropriate permissions?
0
Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

 
LVL 3

Expert Comment

by:superggg
ID: 33485935
0
 
LVL 1

Expert Comment

by:smtwkla
ID: 33486029
What exactly is the message you get from your firewall when you test the connection? Did you try connecting with some other user name?

Remember you must use the user's full name and not the logon username. Make sure that the administrator account you are trying to use is in the OU you expect. There is a setting "User tree for login to server" in the Directory tab of the LDAP config. Make sure you got it right.

What is the exact message you are getting?
0
 
LVL 1

Author Comment

by:AutomatedIT
ID: 33486218
Error 49: Invalid Credentials
0
 
LVL 17

Expert Comment

by:Kvistofta
ID: 33486337
The problem is probably NOT the password but instead the way you specify the username. You cannot just say "administrator" but must use an X500-format, like in my example above: "CN=admin,CN=Users,DC=kvistofta,DC=local".

/Kvistofta
0
 
LVL 1

Expert Comment

by:smtwkla
ID: 33486865
As Kvistofta says, It is not due to the password being wrong. It is due to the way you specify the credentials. Please read the sonicwall LDAP integration guide http://www.sonicwall.com/downloads/LDAP_Integration_Feature_Module.pdf
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A Stored Procedure in Microsoft SQL Server is a powerful feature that it can be used to execute the Data Manipulation Language (DML) or Data Definition Language (DDL). Depending on business requirements, a single Stored Procedure can return differe…
This post contains step-by-step instructions for setting up alerting in Percona Monitoring and Management (PMM) using Grafana.
Video by: Steve
Using examples as well as descriptions, step through each of the common simple join types, explaining differences in syntax, differences in expected outputs and showing how the queries run along with the actual outputs based upon a simple set of dem…
This is a high-level webinar that covers the history of enterprise open source database use. It addresses both the advantages companies see in using open source database technologies, as well as the fears and reservations they might have. In this…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question