Me and another guy are domain admins. LDAP has worked well for us. But for some reason, he and I cannot log into Kace with our domain accounts. I found that if I move my AD account to a different OU, presto; I can log in. Move it back and no dice.

What am I missing here? What do I need to look for?

Answers

Are you pointing to the root of the domain or targeting a specific OU in the Search Base DN on the Control Panel > User Authentication > External LDAP Server Authentication > User Server screen? Just for reference, I'm not using the Admin Server or Read-Only Admin Server screens at all (they are defaults with KACE default info in the fields).

For my Search Base DN, I have (for the Company.Net domain):

DC=Company,DC=Net

For my search filter, I have:

(&(&(&(samaccountname=KBOX_USER)(objectclass=user))(department=*)))

I added the department=* as (in my setup) only non-utility user accounts will have this field populated in ADUC, but this might be an idea for something you could try.

Hope something there helps!

John

Answered 08/30/2012 by: jverbosk
Red Belt
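
To check offline why an account is or is not found, this added example (not part of the answer above and not KACE code) evaluates the Search Base DN and search filter from that answer against a constructed AD entry. The function names, the sample account, its OU, and the substitution of KBOX_USER with the login name are assumptions.

```python
# Added example, not KACE code. Subset: &, |, !, attr=value, attr=*; naive DN split.
def parse(f, i=0):
    if f[i:i + 1] != "(":
        raise ValueError(f"expected '(' at {i}")
    i += 1
    if f[i:i + 1] in ("&", "|", "!"):
        op, kids, i = f[i], [], i + 1
        while f[i:i + 1] == "(":
            kid, i = parse(f, i)
            kids.append(kid)
        if not kids:
            raise ValueError(f"operator {op!r} has no operands")
        node = (op, kids)
    else:
        end = f.index(")", i)  # raises ValueError if the item is never closed
        attr, _, val = f[i:end].partition("=")
        node = ("=", attr.strip().lower(), val.strip())
        i = end
    if f[i:i + 1] != ")":
        raise ValueError(f"expected ')' at {i}")
    return node, i + 1

def compile_filter(text):
    node, end = parse(text)
    if end != len(text):  # for example one closing parenthesis too many
        raise ValueError(f"unbalanced filter, trailing {text[end:]!r}")
    return node

def matches(node, entry):  # entry: lowercase attribute name -> list of values
    if node[0] == "&":
        return all(matches(k, entry) for k in node[1])
    if node[0] == "|":
        return any(matches(k, entry) for k in node[1])
    if node[0] == "!":
        return not matches(node[1][0], entry)
    have = [v.lower() for v in entry.get(node[1], [])]
    return bool(have) if node[2] == "*" else node[2].lower() in have

def under_base(dn, base):  # True when dn is at or below the Search Base DN
    d, b = ([p.strip().lower() for p in x.split(",")] for x in (dn, base))
    return len(d) >= len(b) and d[-len(b):] == b

def would_find(login, dn, entry, base, flt):
    node = compile_filter(flt.replace("KBOX_USER", login))  # assumed substitution
    return under_base(dn, base) and matches(node, entry)

# Constructed sample: an admin account with no department attribute set.
FILTER = "(&(&(&(samaccountname=KBOX_USER)(objectclass=user))(department=*)))"
ADMIN_DN = "CN=J Doe,OU=Admins,DC=Company,DC=Net"
ADMIN = {"samaccountname": ["jdoe"], "objectclass": ["top", "person", "user"]}
```

Calling `would_find("jdoe", ADMIN_DN, ADMIN, "DC=Company,DC=Net", FILTER)` shows whether the entry is inside the search base and satisfies every clause of the filter; swap in the attributes of the real account as read from ADUC.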

Also make sure the LDAP user you are attaching with has read rights to all OUs.

Answered 08/31/2012 by: SMal.tmcc
Red Belt

Here is a really good article explaining LDAP setup with multiple OUs if you are still looking for an answer.

http://www.kace.com/support/resources/kb/article/Setting-up-LDAP-Filter-Tips-and-Tricks?action=artikel&cat=55&id=1004&artlang=en

Answered 09/04/2012 by: Timi
Seventh Degree Black Belt
