Jump to content

LDAP N00B Question

Dan Munns
 Share

Recommended Posts

Dan Munns Grand Master

Dan Munns

Posted
Posted

Hi all,

So today marks my first time working with LDAP and I am having a little trouble.

I have managed to get it to see the LDAP server and the credentials are correct and I am not getting any credentials error. However when I run the Hornbill app (from CMD as Admin as a dryrun) I get the following error after 'Finished message 2':

[ERROR] Search Error: LDAP Result Code 201 "ErrorNetwork": Invalid packet format

I have no idea what it means at all. I have tried leaving the ConnectionType as blank and changing it (and the port numbers) to SSL with no joy.

All the Infrastructure guys are away this week so I am sort of running around in the dark with this as the moment.

Any help appreciated.

Thanks

Dan

 

Dan Munns Grand Master

Dan Munns

Posted
  • Author
Posted

Its ok.

I had an error in my DSN line.

All works fine now on the dryrun test.

Google was no help as it was pointing me in the TLS direction but the ports were all ok.

Just me and my sausage like fingers I guess.

Thanks anyway :)

  • Like 1
Dan Munns Grand Master

Dan Munns

Posted
  • Author
Posted

Ok so now I am having issues with the LDAP mapping.

I want email address to be taken from "mail" rather than "userPrincipleName" but all I keep getting is [ERROR] Unable to Load LDAP Attribute: mail For Input Param: [mail]

Any ideas?

Martyn Houghton Grand Master

Martyn Houghton

Posted
Posted

@Dan Munns

In the "LDAPAttributes" section of the JSON, is the  "mail" attriibute listed, if not then that could cause the error your getting.

Example from our JSON below

  },
    "LDAPAttributes":[
        "cn",
        "sn",
        "telephoneNumber",
        "mobile",
        "sAMAccountName",
        "userPrincipalName",
        "givenName",
        "description",
        "department",
        "manager",
        "mail",
        "title"
    ],

Cheers

Martyn

  • Like 1
Dan Munns Grand Master

Dan Munns

Posted
  • Author
Posted

Thanks for that @Martyn Houghton

The "mail" attribute was there but I had missed a comma so I am guessing it wouldn't see it.

Finally (I think) how do you get it to search some sub OUs in a given OU?

Our AD is set out as such: 

     Business

          Site

               Building

                    Wing

Users with no site (remote workers for example) are in a sub OU in the Business OU. Hot deskers may be in a sub OU in the Building or Wing OUs. As the sub folders will change and others may be added I don't want to have to set up a config file for each folder and have a larger number of imports every night.

I also don't want it to search the whole subtree as it will pull in all the test and service account OUs

Any help appreciated

Thanks

Dan

    

 

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...