XCP-ng
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Authentication via Active Directory

    Scheduled Pinned Locked Moved Xen Orchestra
    3 Posts 2 Posters 1.9k Views 1 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B Offline
      bberndt
      last edited by bberndt

      Hello.
      I understand this has been discussed a little bit, but nothing I've seen is pointing me in the right direction. Was wondering if anyone has this Active Directory business working?

      Basically I have a group that is 3 OU's deep in my AD, and want to let those users, in that group, log in, so I can set them permissions. Nothing seems to work.

      If I try to log in, (and the notation? or style isn't mentioned anywhere, that I can see) user@domain.ext, domain\user, and user just don't authenticate.

      On the Test Plugin part, its not clear if I need to use the LDAP read-user or any intended AD user, nor notation. But if I do, all I get is:

      0000208D: NameErr: DSID-03100288, problem 2001 (NO_OBJECT), data 0, best match of:
      'OU=OULevel2,OU=OULevel1,DC=domain,DC=ext'

      Note, the error doesn't mention OU Level 3, where group of users are.

      Im using a brand new install with the XenOrchestraInstallerUpdater script, which went perfect.
      My LDAP URI is ldap://host.domain.ext
      check certificate and TLS is off.
      The LDAP user is user@domain.ext.
      User Filter: (sAMAccountName={{name}})

      D 1 Reply Last reply Reply Quote 0
      • D Offline
        DeOccultist @bberndt
        last edited by

        @bberndt
        I'm pretty sure the Test data section is for any intended AD user.

        I'm not sure if it helps your particular case but I'm using:

        My LDAP URI is ldaps://host.domain.ext:636
        check certificate and TLS is off
        The LDAP user is user@domain.ext.
        User Filter: (&(objectCategory=Person)(sAMAccountName=*))

        B 1 Reply Last reply Reply Quote 0
        • B Offline
          bberndt @DeOccultist
          last edited by

          @deoccultist
          Sadly, none of this seemed to make any difference.

          1 Reply Last reply Reply Quote 0

          Hello! It looks like you're interested in this conversation, but you don't have an account yet.

          Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.

          With your input, this post could be even better 💗

          Register Login
          • First post
            Last post