Security

Reply
Highlighted
Occasional Contributor II

clearpass and ldap server settings help

Under Administration -> Operator Logins -> Servers 

I have put in all the Ldap server information but I get the following error:

 

Authentication failed (username unknown)


I have also verified I can connect with the username password. I tested this by using ldp on the domain controller and I was able to bind and search.

 

I have tried various different settings but I Can't get it to work. 

Attached is a screenshot of my settings.


Also,

The documentation for this is wrong. 

It says

 

"Bind DN

The password to use when binding to the LDAP server. For an anonymous bind, leave this field empty."

 

The bind DN is not the password!

 

Any suggestions?

 

https://www.arubanetworks.com/techdocs/ClearPass/CPGuest_UG_HTML_6.5/Default.htm#OperatorLogins/CreatingLDAPServer.htm#kanchor549

Guru Elite

Re: clearpass and ldap server settings help

This is what I have:

 

BindDN cn=domainuser,cn=users,dc=domain,dc=com

 

BaseDN dc=domain,dc=com

 

 


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Occasional Contributor II

Re: clearpass and ldap server settings help

I do not have a BaseDN  in clearpass 6.7

Guru Elite

Re: clearpass and ldap server settings help

Are you editing the authentication source?


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Aruba Employee

Re: clearpass and ldap server settings help

You are correct that the doc has an error.  The UI hint is correct but the guide has a missed copy-paste from the password field.

 

Base DN is there for the POSIX compliant option.  AD just has the username and password.  There are varying formats for username so make sure you are entering the one your system wants.

 

What scheme are you using?  ldap3s:///?

Occasional Contributor II

Re: clearpass and ldap server settings help

Here are the settings that made it work finally. 

 

It does not work without the bind dn empty. They should really clarify what is needed for this in the docs. Literally every application whats differerent settings. Also important was specifying dc=mydomain,dc=local in the server url. Hope this helps someone else.


clearpass-ldap-server-settings.PNG

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: