I have a very simple thing that I have spent hours trying to fix.
Setting a Windows DC as LDAP server and using this for administrative logins. It seems impossible. So I really need some help here.
1) Set an LDAP client config with binding username and pw. Not sure what to pick in minimum authentication, but tried them all (anon, simple, sasl).
2) Set the LDAP config for my SVM (cluster)
3) Created a user with secure login create and the nsswitch (for remote lookups) - ssh, http and ontapi
4) Added the ldap source in ns-switch
I have full visibility to both a '12R2 and a 19 DC, but none of them lets me perform the LDAP lookup. If I test the LDAP from other applications it looks fine.
diag secd authentication translate has been used to test and it tells me LDAP is unavailable.
[ 3] Source: LDAP unavailable. Ignoring and trying next
Funny thing is that the connection is up according to vserver services ldap check:
LDAP Status: up
LDAP Status Details: Successfully connected to LDAP server
I must be overlooking something basic. Do I need to do anything on the Windows server to make it work? I also tried all the different schemas in LDAP client with no luck.
I can see the bind account is logging on the domain controller.
Am I really the first guy to want external authentication? :-)
Desperate for advice. Been stuck for too long.