
Login failed using auth server AD Server (LDAP Server)

vads_
Not applicable


Hi All,

 

I'm facing some difficulties here and need you guys to help.

 

This is the log for user access:

 

Login failed using auth server AD Server (LDAP Server). Reason: Failed
Primary authentication failed for aqmal/AD Server from x.x.x.x
Login failed using auth server AD Server (LDAP Server). Reason: Failed
Primary authentication failed for aqmal/AD Server from x.x.x.x

 

And this is the log from the recording's troubleshooting menu:

 

Attempting to authenticate user "aqmal" with auth server "AD Server"
User lookup failed to LDAP server AD Server:
Sign-in rejected using auth server AD Server (LDAP Server). Reason: Failed

 

If I test the connection: LDAP server is reachable.

 

The AD server has several users, for example aqmal, vpntest, vpnuser, etc. However, not all users can access, and they're getting the same error. Can I know the steps to be taken to overcome this issue?

3 REPLIES
jayLaiz_
Super Contributor

Re: Login failed using auth server AD Server (LDAP Server)

Hi,


Can you attach a screenshot of the LDAP configuration on the Juniper SA?

Is role mapping based on username or groupname?

 

If using groupname, do you see all groups listed when you click on groups under role mapping and search the server catalog?

 

Regards,

Jay

RexPGP_
Frequent Contributor

Re: Login failed using auth server AD Server (LDAP Server)

  In order to use Password Management, you may need to select the 'Authentication required to search LDAP' checkbox below and enter your LDAP administrator DN and password.
Admin DN:  
Password:  
 
Finding user entries
  Specify how to find a user entry
 
 
  Base DN: example: dc=sales,dc=com
* Filter: example: cn=<USER>
   
Determining group membership
  If group membership is NOT reflected as attributes of a user's entry, specify how to find a group's entries. Note that these are default settings that you can override on a per-group basis in the Server Catalog.
 
Base DN: example: dc=sales,dc=com
Filter: example: cn=<GROUPNAME>
Member Attribute: Attribute used to identify members of a static group or groups to which a member belongs
  Search starts from the member instead of the group
Query Attribute: Attribute used to determine members of a dynamic group
Nested Group Level: Maximum depth of nested group
Nested Group Search: Faster, but less flexible
  Slower, but more flexible
zanyterp_
Respected Contributor

Re: Login failed using auth server AD Server (LDAP Server)

Please change your admin username to a DN & try. Using UPN format is not supported for the admin credentials, but I have heard of it working (and then failing).

What is the difference in tcp dump for working & non? Is everyone in the same domain level?
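
An added example, not part of any reply in this thread and not Juniper's code: an offline model of the "Finding user entries" lookup (Base DN plus a `<USER>` filter) showing two ways a lookup can fail for some accounts while others sign in. The directory entries and DNs are constructed, `sAMAccountName` is the standard AD logon-name attribute, and whether either case is the cause here is an assumption.

```python
# Added example: offline model of an LDAP user lookup (Base DN + filter).
# All entries and DNs below are constructed, not taken from the thread.
DIRECTORY = {
    "CN=Aqmal Example,OU=Staff,DC=corp,DC=example":
        {"cn": "Aqmal Example", "sAMAccountName": "aqmal"},
    "CN=vpntest,OU=VPN,DC=corp,DC=example":
        {"cn": "vpntest", "sAMAccountName": "vpntest"},
    "CN=vpnuser,OU=Contractors,DC=corp,DC=example":
        {"cn": "vpnuser", "sAMAccountName": "vpnuser"},
}

def escape_filter_value(value):
    """Escape RFC 4515 special characters so a login name stays a literal."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)

def build_filter(template, username):
    """Substitute the login name into a template such as 'cn=<USER>'."""
    return "(" + template.replace("<USER>", escape_filter_value(username)) + ")"

def in_subtree(dn, base_dn):
    """True if dn is the base entry or lies below it (subtree scope)."""
    dn, base_dn = dn.lower(), base_dn.lower()
    return dn == base_dn or dn.endswith("," + base_dn)

def lookup(base_dn, template, username):
    """Return DNs under base_dn whose attribute equals the login name.

    Handles only the simple 'attr=<USER>' equality templates shown on the
    configuration page; names and values compare case-insensitively.
    """
    attr = template.split("=", 1)[0].strip().lower()
    hits = []
    for dn, attrs in DIRECTORY.items():
        values = {k.lower(): v.lower() for k, v in attrs.items()}
        if in_subtree(dn, base_dn) and values.get(attr) == username.lower():
            hits.append(dn)
    return hits

if __name__ == "__main__":
    for base in ("DC=corp,DC=example", "OU=VPN,DC=corp,DC=example"):
        for user in ("aqmal", "vpntest", "vpnuser"):
            for tmpl in ("cn=<USER>", "sAMAccountName=<USER>"):
                found = lookup(base, tmpl, user) or "lookup failed"
                print(base, build_filter(tmpl, user), found)
```

In this model `cn=<USER>` finds only accounts whose common name equals the login name, and a Base DN narrower than the domain root drops users in other OUs, so both settings are worth comparing between a working and a failing account.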