PLEASE HELP! My sanity is at risk...
I am trying to configure LDAP in Orchestrator but keep getting the error: LDAP connection successful but no users found. Please check LDAP paths.
my user lookup base is: ou=users,DC=SG,DC=com
I read in an earlier post that changing the ou to CN in front of Users helped but that hasn't been the case for me.
The OU Users certainly exists and I created the a group VMO_Administrators and added the administrator to that group.
I am stumped!
In my AD I have create a specific OU for users and groups related with Orchestrator, and I works.
The example in the configuration I suppose that is wrong, cause Users (in default AD) is not a OU, but a CN.
Andre
Are you using some kind of LDAP solution or AD? If AD then I think the string you is "cn=users,DC=SG,DC=com" for both the "Users" and "Groups" setting.
Don't forget if the answers help, award points
Hi!
I'm using AD... I tried that and here is my result:
[LDAP: error code 32 - 0000208D: NameErr: DSID-031001CD, problem 2001 (NO_OBJECT), data 0, best match of: 'DC=sg,DC=com'
Dude, if that worked, I would have given you the max points allowable.
From what little I know about your setup you might want to try the following:
Root: DC=SG,DC=com
Username: SG\(some Domain Admin username)
Password: (password for the above)
User lookup base: cn=Users,dc=SG,dc=com
Group lookup base: cn=Users,dc=SG,dc=com
vCO Admin group: cn=VMO_Administrators,cn=Users,dc=SG,dc=com
Don't forget if the answers help, award points
Users is an AD builtin group which can make it hard to find.
I agree that root should be dc=sg,dc=com
However, I would also set the user lookup base and the group lookup base to the same dc=sg,dc=com
Not that you're indicating an issue, but using the username@sg.com form always works for me with AD.
At this point I would apply changes. You should see an "error" that the VMO Admin group is not found.
Now I would recommend using the Search link next to the VCO Administrators Group field and then enter VMO_Administrators as the search string. VCO should return the full DN for your VMO Admin group. Click on that link which will populate the field back on the main LDAP page.
Now click on Apply once more and the status light should go green.
Good luck.
Bill
username should be speficied as user_name or user_name@domain.suffix.
domain\user_name is not likely going to work in my experience since it's MS Windows specific format instead of standard LDAP.
Don't worry, we will get you working.
Sia
Some infos also in this thread:
(but are almost the same notes of )
Andre
Thanks for all of the suggestions guys, I really appreciate it! I just got here after the weekend and will start pounding away on it and let you know how it goes.
Thanks again!
We have a pretty complicated AD configuration with users and groups that are not located in the default folders.
The solution for us was to use a config like this:
Root: DC=SG,DC=com
User lookup base: dc=SG,dc=com
Group lookup base: dc=SG,dc=com
for the vmo admin group: the goup would be a CN, the path all OU and at the end again dc=SG,dc=com (CN=AdminGroup,OU=folder1,OU=folder2,dc=SG,dc=com)
The user must have the right to read the complete AD structure from the root object, otherwise it will not find the specified users our goups.
Hope this helps.
Hey Guys,
I was on the phone with support and the support rep changed the Root to: CN=Users,DC=sg,DC=com and that fixed the problem. Craziness....
Thanks for all your help, I REALLY appreciate it - I hope I can return the favor some time!
You deserve all the point bro .. thnx for the help