It appears your queryfilter may be incorrect - You are trying to match the %u in CloudStack to 'disPlayname' in AD? Verify that whatever you put into the username field in CS matches whatever is in the 'disPlayname' field in AD (this can be found by opening AD Users and Computers, selecting the menu option to show advanced properties, then looking at the user, then clicking the 'attributes' tab.
Regards, Kirk Jantzer http://about.met/kirkjantzer On Sat, Aug 24, 2013 at 12:48 PM, 不坏阿峰 <onlydeb...@gmail.com> wrote: > Cloudstack4.1.1 > (1). i create same user: dota on Active Directory and CS > (2). i have test ldap query by binddn cn=dota,ou=member,dc=lab,dc=com, > it is ok,so active directory ldap is ready. > (3). have two user under ou=member, dc=lab,dc=com: dota , csuser01 > (4). enable integration.api.port =8096, and restart CS-mangement > > Q1: from the CS log, ldap server configed, but IE response false, > what is correct information? > > Q2: how many user should be created on both Active Directory and CS ? > or only one for ldap config, active directory create other user just > for CS use > > Q3: what will change in UI when ldap config success? can see users > imported from Active Directory ? can use csuser01 to login CS ?(i try > log in but failure) > > > > http://192.168.230.2:8096/client/api?command=ldapConfig&hostname=192.168.123.61&searchbase=OU%3Dmember%2CDC%3Dlab%2CDC%3Dcom&queryfilter=%28%26%28disPlayname%3D%25u%29%29&binddn=CN%3Ddota%2COU%3Dmember%2CDC%3Dlab%2CDC%3Dcom&bindpass=123@lab&port=389&response=json > > ####### Got this response:##### > { "ldapconfigresponse" : { "ldapconfig" : > > {"hostname":"192.168.123.61","port":"false","searchbase":"OU=member,DC=lab,DC=com","queryfilter":"(&(disPlayname=%u))","binddn":"CN=dota,OU=member,DC=lab,DC=com"} > } } > > ####### CS log ######### > 2013-08-24 21:10:44,453 DEBUG > [cloud.configuration.ConfigurationManagerImpl] (ApiServer-4:null) The > ldap server is configured: 192.168.123.61 > > ######## other thing i checked ###### > (1) in CS4.1.1 ,sharedFunctions.js , var md5HashedLogin = fals > (2) when create dota in CS, "Network Domain" i put lab.com, username i > put dota >
