Topic
  • 3 replies
  • Latest Post - ‏2012-04-10T00:54:29Z by SystemAdmin
SystemAdmin
SystemAdmin
483 Posts

Pinned topic authenticating to tivoli directory server

‏2012-04-09T03:34:27Z |
I am trying to configure the Guardium portal to authenticate non-local accounts to TDS.

The full DN of my userid is:
RDN= uid=0A3339999,c=us,ou=directory,o=mycompany.com

So I have setup the Portal screen as:

Server = directory.mycompany.com
Port = 389 (test only)
RDN = uid=0A3339999,c=us,ou=directory,o=mycompany.com
Base DN = ou=directory,o=mycompany.com

Typically we authenticate to the directory with the mail= attribute ie anji@mycompany.com

I can't get the test user to successfully authenticate to TDS. I have tried RDN as uid, mail, the full DN. I'm not sure what value should be there nor am I sure what value I should submit on the test user field.

Is there another document that I can reference that is specific to TDS and/or can anyone spot the steps we might be missing?

Thanks
Updated on 2012-04-10T00:54:29Z at 2012-04-10T00:54:29Z by SystemAdmin
  • rjw_scw
    rjw_scw
    1 Post

    Re: authenticating to tivoli directory server

    ‏2012-04-09T16:18:20Z  
    So here are my thoughts:

    Server = directory,mycompany.com
    Port=389
    User RDN type= uid
    Base DN = c=us,ou=directory,o=mycompany.com
    uncheck SSL

    Also, they need to import uid as well if they are going to import the
    list of LDAP users. (If they are just testing authentication, import is not necessary.
  • SystemAdmin
    SystemAdmin
    483 Posts

    Re: authenticating to tivoli directory server

    ‏2012-04-09T20:32:25Z  
    • rjw_scw
    • ‏2012-04-09T16:18:20Z
    So here are my thoughts:

    Server = directory,mycompany.com
    Port=389
    User RDN type= uid
    Base DN = c=us,ou=directory,o=mycompany.com
    uncheck SSL

    Also, they need to import uid as well if they are going to import the
    list of LDAP users. (If they are just testing authentication, import is not necessary.
    Thanks for the feedback RJW unfortunately still the same error 'authentication failed' with your suggested settings.
    Do you know where on Guardium I can view the system logs to see what exactly is being send to the directory server?
  • SystemAdmin
    SystemAdmin
    483 Posts

    Re: authenticating to tivoli directory server

    ‏2012-04-10T00:54:29Z  
    OK .. I take that back. Your combination DID work I just wasn't entering the right username in the test. Not sure how the ldap import is going to work with this setup if we need the mail= attribute to be the login.
    Server = directory.mycompany.com
    Port=389
    User RDN type= uid
    Base DN = c=us,ou=directory,o=mycompany.com
    uncheck SSL

    Login ID=0A3339999 (I was only trying 0A3339 to begin with)

    thanks again