AutomatedIT
asked on
How can I check/test LDAP Setting on Windows Server 2003
We just installed a new SonicWall (TZ100) that we would like to integrate with our Active Directory on Windows Server 2003.
I have been following through the SonicWall Documentation, but I keep running into a connection issue.
Is there a way to check/test the LDAP setting on my Windows Server 2003 so that I can see what it is looking for an excepting?
I have been following through the SonicWall Documentation, but I keep running into a connection issue.
Is there a way to check/test the LDAP setting on my Windows Server 2003 so that I can see what it is looking for an excepting?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Okay, I have narrowed down my issue.
It is not accepting the Administrator credentials for LDAP. I tested on another network using the administrator credentials and it worked fine. Guess that the administrator permissions have been specifically changed somehow.
Question: I would like to setup an AD account to be solely used for LDAP communication. How to I assign the appropriate permissions?
It is not accepting the Administrator credentials for LDAP. I tested on another network using the administrator credentials and it worked fine. Guess that the administrator permissions have been specifically changed somehow.
Question: I would like to setup an AD account to be solely used for LDAP communication. How to I assign the appropriate permissions?
What exactly is the message you get from your firewall when you test the connection? Did you try connecting with some other user name?
Remember you must use the user's full name and not the logon username. Make sure that the administrator account you are trying to use is in the OU you expect. There is a setting "User tree for login to server" in the Directory tab of the LDAP config. Make sure you got it right.
What is the exact message you are getting?
Remember you must use the user's full name and not the logon username. Make sure that the administrator account you are trying to use is in the OU you expect. There is a setting "User tree for login to server" in the Directory tab of the LDAP config. Make sure you got it right.
What is the exact message you are getting?
ASKER
Error 49: Invalid Credentials
The problem is probably NOT the password but instead the way you specify the username. You cannot just say "administrator" but must use an X500-format, like in my example above: "CN=admin,CN=Users,DC=kvis
/Kvistofta
/Kvistofta
As Kvistofta says, It is not due to the password being wrong. It is due to the way you specify the credentials. Please read the sonicwall LDAP integration guide http://www.sonicwall.com/downloads/LDAP_Integration_Feature_Module.pdf
From your command prompt:
ldp <name.of.DC>