Solved

Graylog, LDAP bind issue when trying to make the connection, incorporate AD. Please help!

Posted on 2016-08-26
1
171 Views
Last Modified: 2016-08-26
Here is the error message:
MessageType : BIND_RESPONSE
Message ID : 4
    BindResponse
        Ldap Result
            Result code : (INVALID_CREDENTIALS) invalidCredentials
            Matched Dn : ''
            Diagnostic message : '80090308: LdapErr: DSID-0C0903CF, comment: AcceptSecurityContext error, data 52e, v2580'
Also:
Diagnostic message : '80090308: LdapErr: DSID-0C0903CF, comment: AcceptSecurityContext error, data 775, v2580'

The server configuration makes a successful connection to Active Directory but cannot bind.
Here are my settings:

Server address: ldap://x.x.x.x:389
username: admin@domain.com
Search Base DN: dc=dc,dc=name,dc=com
User Search Pattern: (objectClass=user)
Display Name attribute: displayName
Group Search Base DN: dc=prod,dc=Admi,dc=Com
Group Search Pattern: (objectClass=group)
Group Name Attribute: cn
Default User Role: Administrator
ALL SEEMS WELL UNTIL...
Login test: Domain Admin
password: xxxxx
Tried: admin@domain.com as well...no luck
User account is fine, not locked out etc and works for everything BUT Graylog. I hit "Test Login":



MessageType : BIND_RESPONSE
Message ID : 4
    BindResponse
        Ldap Result
            Result code : (INVALID_CREDENTIALS) invalidCredentials
            Matched Dn : ''
            Diagnostic message : '80090308: LdapErr: DSID-0C0903CF, comment: AcceptSecurityContext error, data 775, v2580'
0
Comment
Question by:admitech
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 

Accepted Solution

by:
admitech earned 0 total points
ID: 41772291
Had to reduce the search base dn down to the CN level. Worked fine.
CN=user,OU=whatever,dc=domain,dc=com
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question