Skip to main content
Solved

How to change LDAP server with config files?


Forum|alt.badge.img+5

Hello

I'm just wondering if there is an possibility to modify some XML or .conf file to replace wrong LDAP servers.

Once my corporate colleagues turned off old domain controllers I lost ability to access JSS website due to LDAP connection error. According to this I'm not able to make a change via JSS website.

Therefore, I am curious if there is an option to change configurations via XML, .conf or JAVA settings directly on JSS server.

My JSS is working on CentOS 6.6, JSS is in ver 9.65

I would be grateful for any suggestions!

Best answer by andrew_nicholas

I suppose asking them to turn on the old DC's during off-hours or an outage window is a no go? That log looks like its more likely from a policy with LDAP limitations in it rather than a log in failure. You're most likely going to want to reach out to your TAM to see if they can assist with editing the database manually and adding 'hacking' in a new admin account to the JSS.

View original
Did this topic help you find an answer to your question?

5 replies

Forum|alt.badge.img+16
  • Honored Contributor
  • 224 replies
  • December 9, 2015

have you tried to login with your local JSS admin account?


Forum|alt.badge.img+13

Are you unable to log in to the JSS or unable to connect to the web console all together? If the later you can always try and get to it directly via IP, but if you're unable to log in all together and don't have access to a static account within the JSS DB, you're probably best off speaking with your TAM.


Forum|alt.badge.img+5
  • Author
  • New Contributor
  • 5 replies
  • December 9, 2015

Hi

Thank you, guys for involvement.

I can access JSS but I can not log in. Even with my local accounts.
Every time it is trying to resolve it via LDAP.
This is what I can see in system log file while log in:

2015-12-09 08:24:55,957 [WARN ] [DeployableObject ] - Unable to load LDAP scope for deployables


Forum|alt.badge.img+13
  • Honored Contributor
  • 365 replies
  • Answer
  • December 9, 2015

I suppose asking them to turn on the old DC's during off-hours or an outage window is a no go? That log looks like its more likely from a policy with LDAP limitations in it rather than a log in failure. You're most likely going to want to reach out to your TAM to see if they can assist with editing the database manually and adding 'hacking' in a new admin account to the JSS.


Forum|alt.badge.img+5
  • Author
  • New Contributor
  • 5 replies
  • December 10, 2015

Thank you andrew.nicholas

I contacted TAM. We was able to re-create local user and access JAMF website using that account.
With that I was able to put correct LDAP server details in there. After this all back to normal.

And you are right, 2nd option would be to turn LDAP DC on to make that change as well, but in our company looks like it is much more difficult than I expected ;)

Thank you for a help.
This problem is solved now.


Reply


Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings