Thanks Michael, Yes sir, the qradar box is able to hit the ipa server on 389 and 636 with success via telnet.
Sean Hogan From: Michael Plemmons <michael.plemm...@crosschx.com> To: freeipa-users <freeipa-users@redhat.com> Date: 05/08/2017 01:21 PM Subject: Re: [Freeipa-users] qradar UBA to IPA Sent by: freeipa-users-boun...@redhat.com >From the server running Qradar can you ping the IPA server? Are you able to telnet to port 389 or 636 of the IPA server. The error says it can't contact the LDAP server which usually means you have not gotten to the point of authentication yet. Mike Plemmons | Senior DevOps Engineer | CROSSCHX 614.427.2411 mike.plemm...@crosschx.com www.crosschx.com On Mon, May 8, 2017 at 3:31 PM, Sean Hogan <scho...@us.ibm.com> wrote: Hello IPA, I am trying to set up User Behavioral analytics from Qradar to IPA. Having some issues with it after we got 389 and 636 open between the nets. Qradar Console is not in IPA and on differ net although we do have comms on 389 and 636 now ipa-server-3.0.0-50.el6.1.x86_64 I set up an account in IPA with no HBACS or anything and just gave it a IPA role to read data which we use in the below config. Getting file:///home/schogan/Documents/SametimeTranscripts/[multi-way]/20170508-100730%7BJUSTIN%20L.%20BAUMAN's%20group%20chat%7D/IMAGE $1CFC0CDDB6F2F123.jpg URL I have them using ldaps://IPofIPAserver.example.com BaseDN dc=example,dc=local filter users,cn=accounts,$Suffix attributes are left default username is the user i made in ipa pw is the pw I made in ipa file:///home/schogan/Documents/SametimeTranscripts/[multi-way]/20170508-100730%7BJUSTIN%20L.%20BAUMAN's%20group%20chat%7D/IMAGE $1B778A1810D34E76.jpg Has anyone attempted this or have any sample configs to play with or see anything I am doing incorrect? Sean Hogan -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
