[PacketFence-users] Join Active Directory Bind Error

Tue, 02 Jul 2024 06:38:09 -0700 

Hi
I am experiencing errors when I create a Active Directory Domain ( Joining ), inside packetfence, because anonymous binding is not allowed and somehow packetfence tries with anonymous and not the bind DN of the the admin username and password entered in the UI. 


With a ldapsearch commandline i have to specify the bind options with 
full DN of the user, and it connects.

I have tested kinit also with success, so it should not be a port issue.

netcat tests on port 64, 88, 636, 389 are all working.


Is there any way to get this bind setting into packetfence ui or is it 
possible to create the active directory domain from cli ?



The Connection profile part works like charm, it is only the active 
Directory part (Configuration - Policies and Access control - Roles - 
Active Directory Domains)


I get the following error in the UI

/    Unable to add machine account with following error:/

/    {'result': 1, 'description': 'operationsError', 'dn': '', 
'message': '000004DC: /
/    LdapErr: DSID-0C09128C, comment: In order to perform this operation 
a successful bind must be completed on the connection., data 0, 
v4f7c\x00', 'referrals': None, 'type': 'addResponse'}/



I have added the LdapEnforceChannelBinding to registry and set it to 0 
in value, but that did not fix my issue.



This ldapsearch command works:


/    ldapsearch -LLL -x -H ldap://192.168.11.11 -W "CN=Peter 
Jensen,OU=All-Users,OU=domain.dk,DC=domain,DC=local" -b 
DC=domain,DC=local -D "domain\user"/


If i do not add the bind statement i get this error:

/    Operations error (1)

    Additional information: 000004DC: LdapErr: DSID-0C090C78, comment: 
In order to perform this operation a successful bind must be completed 
on the connection., data 0, v4f7c/


Basically the samme error without the bind statement.


I am running latest packetfence on debian 11.9 with latest packetfence 
version.



Can any one point me in the right direction so i can find a soulution on 
this.


Thanks in advanced.

Regards
Peter Jensen

_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users














    











					Reply via email to