Unable to add a LDAP Server (FOS 5.6 to Windows Server 2003)

Author
alaurent
2017/09/04 05:19:51 (permalink)

Unable to add a LDAP Server (FOS 5.6 to Windows Server 2003)

I cannot configure an LDAP Server on an FG-60E with FortiOS 5.6
 
I am trying to set up an FSSO from an FG-60E and a Windows Server 2003, but I cannot add the LDAP server.
 
After placing the IP of the Windows 2003 Server, as well as the user and password of the domain administrator, when doing Browser to identify the Distinguished Name, the system indicates: "Invalid LDAP server"
 
If I put the Distinguished Name manually, and try to test the connection, it says "Invalid credentials"
 
All this despite the IP of the server being correct, as well as the user and password, which I am placing flat:
User = Administrator
Key = #####
 
Waiting for your comments
#1


    alago
    Re: Unable to add a LDAP Server (FOS 5.6 to Windows Server 2003) 2017/09/04 05:57:04 (permalink)
    Hi alaurent,
     
    If you use Distinguished Name as your Common Name Identifier, you have to change your user to DN format, which is something like this: CN=User Name, OU=Users, DC=contoso, DC=com
     
    If you want to use the user account name, you have to change the Common Name Identifier to sAMAccountName.
     
    Hope it helps.
    #2
    alaurent
    Re: Unable to add a LDAP Server (FOS 5.6 to Windows Server 2003) 2017/09/04 08:15:24 (permalink)
    The Windows Server and the FG are in the same network, so there are no communication limitations
     
    My FG configuration is:
    Name: Local_LDAP
    Server IP/Name 192.168.1.29
    Server Port: 389
    Common Name Identifier: cn
    Distinguished Name: DC=comapny1,DC=company,DC=com
    Bind Type: Regular
    Username: Administrator
    Password: ••••••••
     
    From the Windows Server
    C:\Documents and Settings\>dsquery user
    "CN=Administrator,CN=Users,DC=company1,DC=company,DC=com"
    #3
    alago
    Re: Unable to add a LDAP Server (FOS 5.6 to Windows Server 2003) 2017/09/04 09:27:26 (permalink)
    Did you try changing the Common Name Identifier as I suggested?

    Change it from CN to sAMAccountName and you'll be just fine.
    #4
    alaurent
    Re: Unable to add a LDAP Server (FOS 5.6 to Windows Server 2003) 2017/09/04 11:35:13 (permalink)
    Yes I tried, but same error
     
    Conf 1:
    Name: Local_LDAP
    Server IP/Name 192.168.1.29
    Server Port: 389
    Common Name Identifier: cn
    Distinguished Name: DC=comapny1,DC=company,DC=com
    Bind Type: Regular
    Username: cn=Administrator,CN=Users,DC=comapny1,DC=company,DC=com
    Password: ••••••••
     
    Conf 2:
    Name: Local_LDAP
    Server IP/Name 192.168.1.29
    Server Port: 389
    Common Name Identifier: sAMAccountName
    Distinguished Name: DC=comapny1,DC=company,DC=com
    Bind Type: Regular
    Username: Administrator
    Password: ••••••••
     
     
    #5
    alago
    Re: Unable to add a LDAP Server (FOS 5.6 to Windows Server 2003) 2017/09/04 12:56:04 (permalink)
    Hi!
     
    Try to telnet to your LDAP server from the FortiGate using: execute telnet 192.168.1.29 389
     
    If it doesn't work, it is probably the Windows firewall or some antivirus blocking the connection. If it does, we can dig more into this problem.
    #6
    Seppel
    Re: Unable to add a LDAP Server (FOS 5.6 to Windows Server 2003) 2017/09/05 00:17:46 (permalink)
    Hi
     
    Please try Username with Domain in front
    username: domain\administrator
     
    regards

    Fortigate 300C HA- soon 400E HA
    Fortimail 200E HA / 5.4.0
    Fortimanager
    FortiEMS / 1.2.1
    FortiSandbox 1000D
    Some other Models in use :-)
    ----------------------------------------------------
    FCSE
    ----------------------------------------------------
    #7
    alaurent
    Re: Unable to add a LDAP Server (FOS 5.6 to Windows Server 2003) 2017/09/12 08:58:47 (permalink)
    Hello
     
    The domain\username solved the problem.
     
    Final conf:
    Name: Local_LDAP
    Server IP/Name 192.168.1.29
    Server Port: 389
    Common Name Identifier: sAMAccountName
    Distinguished Name: DC=comapny1,DC=company,DC=com
    Bind Type: Regular
    Username: domain\username
    Password: ••••••••
     
    Thanks
     
     
     
    #8
    alago
    Re: Unable to add a LDAP Server (FOS 5.6 to Windows Server 2003) 2017/09/12 13:47:01 (permalink)
    Good to know!
     
    Best Regards
    #9
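
An added example, not part of any post in this thread: a pre-flight check that classifies the bind username form (full DN, DOMAIN\user, UPN or bare account name) and compares the configured DNs with the DN that dsquery printed, run over the values posted above. The function names are hypothetical, and the check assumes the reference DN is the bind account's own entry as reported by the directory.

```python
import re

def split_dn(dn):
    """Split a DN into lower-cased (attribute, value) RDN pairs.
    Commas escaped with a backslash stay inside the value."""
    rdns = []
    for part in re.split(r"(?<!\\),", dn):
        attr, _, value = part.partition("=")
        rdns.append((attr.strip().lower(), value.strip().lower()))
    return rdns

def classify_bind_name(name):
    """Return which form a bind username is written in."""
    if re.match(r"\s*[A-Za-z][\w.-]*\s*=", name):
        return "dn"            # CN=...,DC=...
    if "\\" in name:
        return "down-level"    # DOMAIN\user
    if "@" in name:
        return "upn"           # user@domain
    return "bare"              # account name with no domain context

def is_under(dn, base_dn):
    """True if base_dn is a suffix of dn, compared RDN by RDN."""
    rdns, base = split_dn(dn), split_dn(base_dn)
    return len(base) <= len(rdns) and rdns[-len(base):] == base

def preflight(base_dn, bind_name, reference_dn):
    """Compare a planned LDAP server entry with a DN the directory reported."""
    findings = []
    kind = classify_bind_name(bind_name)
    if kind == "bare":
        findings.append("bind name is bare: qualify it as DOMAIN\\user, UPN or full DN")
    if kind == "dn" and split_dn(bind_name) != split_dn(reference_dn):
        findings.append("bind DN differs from the DN the server reported")
    if not is_under(reference_dn, base_dn):
        findings.append("base DN is not a suffix of the DN the server reported")
    return findings

# Values as posted in the thread (REFERENCE is the dsquery output).
REFERENCE = "CN=Administrator,CN=Users,DC=company1,DC=company,DC=com"
BASE = "DC=comapny1,DC=company,DC=com"
CONF1_USER = "cn=Administrator,CN=Users,DC=comapny1,DC=company,DC=com"

if __name__ == "__main__":
    for user in (CONF1_USER, "Administrator", r"domain\username"):
        print(classify_bind_name(user), preflight(BASE, user, REFERENCE))
```

DN comparison here is case-insensitive and ignores spaces around commas and equals signs, so only a real difference in an RDN value is reported.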