I’m having no luck making LDAP work against MS Active Directory. Configured everything under Settings | LDAP Configuration, and pressing the Test Connection button, entering credentials (that I know are correct) gives “Test Connection Unsuccessful” every time. I have a sniffer on the DC, so I verify that the TLS 1.2 session is set up correctly, SSL certs, ciphers etc. are OK. In the TCP thread there’s a couple of SSL TCP payload packets, before the session is closed successfully. Here’s the issue - Windows sec.eventlog logs Logon Failure audit, event ID 4625, Status 0XC0000225. Google says “C0000225 is a Microsoft bug.”
Thanks for the reply. I actually got it working soon after posting… however the search filter syntax does nothing for me.
The comment in the documentation “After the LDAP is successfully configured ALL the users of the LDAP can login to the DLS appliance” was in my experience exactly that. Anyone in the domain could log in. Clearly we would want to tie this to group/s but it didn’t work for me at all so I have removed the config now :(
It’s been a while now, I’m a dev, I just make it work, and drop it, but as I remember I made it work using AD groups. I’ll check and see if I can find some doc on how I did it, but yes, the LDAP config on the DLS is not intuitive.
I am having a similar issue where the search filter will only accept objectclass=user or objectcategory=person. If I try anything with groups I am simply getting an error once I test the LDAP connection.