?
Solved

SSL VPN LDAP Issues

Posted on 2013-11-27
2
Medium Priority
?
1,057 Views
Last Modified: 2013-12-19
Sonic Wall 3500 communicates with AD LDAP on Windows 2008 Standard servers, but will not complete.

"Credentials not valid at LDAP server" with port 3268 selected.

"Problem contacting LDAP server" with any other port.

LDAP works with other applications (AirWatch for one)

No evidence of the SW actually getting through to the server on the server logs.
0
Comment
Question by:weburt
  • 2
2 Comments
 
LVL 27

Accepted Solution

by:
Blue Street Tech earned 2000 total points
ID: 39683060
Hi weburt,

The error Credentials not valid at LDAP server usually occurs when the following log message is generated.LDAP Log ErrorFrom the log message it is evident that this is an LDAP Bind error. When integrating SonicWALL with an LDAP server, the user entered under Login user name of the LDAP > Settings tab makes a Bind request. This request could fail if the username, password or the directory entered under User tree for login to server is incorrect.

To resolve, check the following:
Check that the Login user name on the LDAP > Settings tab (if Give login name/location in tree is selected) is the display name and not the username. For example, John Doe is a display name and jdoe is the username.
LDAP Settings
Also check that the above user is in the directory entered under User tree for login to server. This is normally the Users directory.
LDAP Directory
Check if Give bind distinguished name is selected under LDAP > Settings, make sure it is correct. For example, this is the DN of an administrator in the Users directory:
CN=Administrator,CN=Users,DC=hal-2010,DC=local
That the password entered is correct.

Note: The user to bind to the LDAP server could be a normal domain user and need not be an administrator.

Let me know how it goes!
0
 
LVL 27

Expert Comment

by:Blue Street Tech
ID: 39688958
Do you have any questions?
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Measuring Server's processing rate with a simple powershell command. The differences in processing rate also was recorded in different use-cases, when a server in free and busy states.
Last month Marc Laliberte, WatchGuard’s Senior Threat Analyst, contributed reviewed the three major email authentication anti-phishing technology standards: SPF, DKIM, and DMARC. Learn more in part 2 of the series originally posted in Cyber Defense …
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question