Help on Authenticating OpenLDAP users

justinrummel
Contributor III

I have my LDAP Server Connections established and I can perform lookups and find users within my OpenLDAP database. I can also find a user in my LDAP database and add them to the JSS Account settings giving them full rights (to ensure permissions are not an issue).

My problem is that I still cannot authenticate as the LDAP user to administer the JSS, nor can I use that LDAP user to enroll a device. I believe there is something with the authentication between the two servers, but I'm not sure where to start debugging the issue.

2 REPLIES

justinrummel
Contributor III

In case anyone is trying this, here are a few more facts and how this was resolved:

  • ldap is using 389 (not secure... I know... that is the next step)
  • ldap.conf files were using ldapi which doesn't work with non-TLS settings. Need to change to ldap://FQDN
  • even though you can ldapsearch a user, group, or if a user is in a group from the JSS, to authenticate you still need to select "simple" and populate with your ldap un/pw

Alex_perez
New Contributor

I am having a similar problem, except I can administer the jss fine with my LDAP users, I just cannot enroll them using the quick add package. I checked the ldap.conf file in etc, but everything is commented out, so I think I might be looking at a different conf file than you. Where did you change ldapi to ldap? I think this is the same issue I am having because we are also not yet using ssl.
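
An added example, not code from either poster or from the products discussed: a small check for the two ldap.conf situations described in this thread (a URI set to ldapi, and a file where every line is commented out). The sample file contents, the example.com hostnames and the function names are constructed for illustration.

```python
from urllib.parse import urlparse

# Constructed sample ldap.conf contents (not taken from the thread).
SAMPLE_LDAPI = "# client defaults\nBASE dc=example,dc=com\nURI ldapi:///\n"
SAMPLE_FIXED = "BASE dc=example,dc=com\nURI ldap://ldap.example.com\n"
SAMPLE_COMMENTED = "#BASE dc=example,dc=com\n#URI ldap://ldap.example.com\n"

def active_options(text):
    """Return {OPTION: value} for uncommented lines (option names are case-insensitive)."""
    opts = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        opts[parts[0].upper()] = parts[1].strip() if len(parts) > 1 else ""
    return opts

def audit(text):
    """Return a list of (uri, finding) pairs, one per server listed in the URI option."""
    opts = active_options(text)
    if "URI" not in opts:
        # Everything commented out: this file is not where the server is set.
        return [(None, "no active URI in this file")]
    findings = []
    for uri in opts["URI"].split():
        parsed = urlparse(uri)
        scheme = parsed.scheme.lower()
        if scheme == "ldapi":
            # LDAP over a Unix domain socket only works on the LDAP host itself.
            findings.append((uri, "unix socket: local only, not reachable from another host"))
        elif scheme == "ldaps":
            findings.append((uri, "TLS on connect"))
        elif scheme == "ldap":
            port = parsed.port or 389
            findings.append((uri, f"cleartext on port {port}: a simple bind sends "
                                  "the password unencrypted unless StartTLS is used"))
        else:
            findings.append((uri, "unrecognised scheme"))
    return findings

if __name__ == "__main__":
    for name, cfg in [("ldapi", SAMPLE_LDAPI), ("fixed", SAMPLE_FIXED),
                      ("commented", SAMPLE_COMMENTED)]:
        print(name, audit(cfg))
```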