Help

How to change LDAP server with config files?

Go to solution
Tomik_UNO
New Contributor II

Posted on ‎12-09-2015 03:35 AM

Hello

I'm just wondering if there is an possibility to modify some XML or .conf file to replace wrong LDAP servers.

Once my corporate colleagues turned off old domain controllers I lost ability to access JSS website due to LDAP connection error. According to this I'm not able to make a change via JSS website.

Therefore, I am curious if there is an option to change configurations via XML, .conf or JAVA settings directly on JSS server.

My JSS is working on CentOS 6.6, JSS is in ver 9.65

I would be grateful for any suggestions!

0 Kudos
1 ACCEPTED SOLUTION

Go to solution
andrew_nicholas
Valued Contributor

Posted on ‎12-09-2015 06:00 AM

I suppose asking them to turn on the old DC's during off-hours or an outage window is a no go? That log looks like its more likely from a policy with LDAP limitations in it rather than a log in failure. You're most likely going to want to reach out to your TAM to see if they can assist with editing the database manually and adding 'hacking' in a new admin account to the JSS.

View solution in original post

0 Kudos
5 REPLIES 5

Go to solution
m_entholzner
Contributor III
Contributor III

Posted on ‎12-09-2015 05:12 AM

have you tried to login with your local JSS admin account?

0 Kudos

Go to solution
andrew_nicholas
Valued Contributor

Posted on ‎12-09-2015 05:29 AM

Are you unable to log in to the JSS or unable to connect to the web console all together? If the later you can always try and get to it directly via IP, but if you're unable to log in all together and don't have access to a static account within the JSS DB, you're probably best off speaking with your TAM.

0 Kudos

Go to solution
Tomik_UNO
New Contributor II

Posted on ‎12-09-2015 05:42 AM

Hi

Thank you, guys for involvement.

I can access JSS but I can not log in. Even with my local accounts.
Every time it is trying to resolve it via LDAP.
This is what I can see in system log file while log in:

2015-12-09 08:24:55,957 [WARN ] [DeployableObject ] - Unable to load LDAP scope for deployables

0 Kudos

Go to solution
andrew_nicholas
Valued Contributor

Posted on ‎12-09-2015 06:00 AM

I suppose asking them to turn on the old DC's during off-hours or an outage window is a no go? That log looks like its more likely from a policy with LDAP limitations in it rather than a log in failure. You're most likely going to want to reach out to your TAM to see if they can assist with editing the database manually and adding 'hacking' in a new admin account to the JSS.

0 Kudos

Go to solution
Tomik_UNO
New Contributor II

Posted on ‎12-10-2015 03:03 AM

Thank you andrew.nicholas

I contacted TAM. We was able to re-create local user and access JAMF website using that account.
With that I was able to put correct LDAP server details in there. After this all back to normal.

And you are right, 2nd option would be to turn LDAP DC on to make that change as well, but in our company looks like it is much more difficult than I expected ;)

Thank you for a help.
This problem is solved now.

0 Kudos