/build/static/layout/Breadcrumb_cap_w.png

Secondary LDAP bind fails

Hi folks.

I have spent some grueling hours trying to resolve an error that is preventing regular users from logging into the K1000. This error occurs when a secondary bind to the LDAP server is attempted. The primary or initial bind works correctly without issue. For admin level users who also are Active Directory Domain Admins, all binds (initial and secondary) work as expected. I am not sure what the issue is but I know I need some help...

Thanks in advance for any and all responses.

--james
Asked 12 years ago 5957 views
0 Comments   [ + ] Show comments

Answers (8)

Posted by: airwolf 12 years ago
Red Belt
0
I have spent some grueling hours trying to resolve an error that is preventing regular users from logging into the K1000.
Call support. This definitely warrants a call. I could give you a few tips, but there is no point spending your time trying to figure it out when your users are unable to login.
Posted by: GillySpy 12 years ago
7th Degree Black Belt
0
Details on your configuration and the error would help greatly. Support will want that too.
Posted by: jbowes 12 years ago
Purple Belt
0
I spent about 4 hours on this yesterday and the only way it will work is the Windows user's account is allowed to log onto ALL COMPUTERS. Just adding the name of the K1000 into it's list og LOG ON TO... doesn't work. I am wondering if it is because the KBOX isn't actually part of the domain...

--james
Posted by: airwolf 12 years ago
Red Belt
0
I believe your assumption is correct.
Posted by: GillySpy 12 years ago
7th Degree Black Belt
0
Some google searches lead me to believe that adding the domain controller's name does the trick.
Posted by: jbowes 12 years ago
Purple Belt
0
Okay - you are correct. Adding the DC name does work but that it not really something we would like to do.

I suppose the question is why do they need that? For LDAP searches to actually work? Within AD's LDAP, I know the userWorkstation attribute exists but it doesn't seem have any significance...


--james
Posted by: airwolf 12 years ago
Red Belt
0
The problem isn't KBOX - it's your Active Directory configuration. If you restrict your users to specific machines, they aren't going to be able to authenticate to anything else. It sounds like that is what's going on.
Posted by: GillySpy 12 years ago
7th Degree Black Belt
0
What is the expected significance of the userWorkstation attribute? Do you have support with Microsoft? Perhaps they could shed some light on an alternative?
Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.

Posted by:

jbowes Purple Belt
Ninja since: 12 years ago

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login

View more:

KACE Product Support Questions
question

Related Questions

Link

Related Links

Post

Related Posts

Share

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ