I am trying to setup LDAP authentication on new zabbix server that is running version 2.2.4. Testing get error:
ldap_bind(): Unable to bind to server: Can't contact LDAP server [authentication.php:116 → CLdapAuthValidator->validate() → CLdap->checkPass() → ldap_bind() in /usr/share/zabbix/include/classes/class.cldap.php:112]
LDAP: cannot bind by given Bind DN.
Login name or password is incorrect!
The config I am using:
LDAP Host ldaps://services.fnal.gov
Port 636
Base DN dc=services,dc=fnal,dc=gov
Search attribute sAMAccountName
Bind DN*
cn=cd-srv-zabbix,ou=FermiServiceAccounts,dc=services,dc=fnal ,dc=gov
Bind Password*
I do have new DigiCertCA.crt and ldap.conf pointing to the correct directory.
telnet services.fnal.gov 636 opens the port also.
ldap.conf has
TLS_REQCERT never
TLS_CACERTDIR /etc/openldap/cacerts
LDAP server log says "unknown CA" The same config working for zabbix version 1.8
Please help to figure out what am I doing wrong.
ldap_bind(): Unable to bind to server: Can't contact LDAP server [authentication.php:116 → CLdapAuthValidator->validate() → CLdap->checkPass() → ldap_bind() in /usr/share/zabbix/include/classes/class.cldap.php:112]
LDAP: cannot bind by given Bind DN.
Login name or password is incorrect!
The config I am using:
LDAP Host ldaps://services.fnal.gov
Port 636
Base DN dc=services,dc=fnal,dc=gov
Search attribute sAMAccountName
Bind DN*
cn=cd-srv-zabbix,ou=FermiServiceAccounts,dc=services,dc=fnal ,dc=gov
Bind Password*
I do have new DigiCertCA.crt and ldap.conf pointing to the correct directory.
telnet services.fnal.gov 636 opens the port also.
ldap.conf has
TLS_REQCERT never
TLS_CACERTDIR /etc/openldap/cacerts
LDAP server log says "unknown CA" The same config working for zabbix version 1.8
Please help to figure out what am I doing wrong.