Testing an LDAP configuration

Use the ldap_test command to authenticate the specified user against an LDAP server, based on the existing configuration.

ldap_test [ fqdn=Fqdn ] user=UserName password=Password

Parameters

Name      Type    Description                        Mandatory  Default
fqdn      N/A     FQDN of an LDAP server.            N          All servers
user      String  The username of the tested user.   Y          N/A
password  String  The password of the tested user.   Y          N/A

Example:

xcli.py ldap_test user=user1 password=pass1

Output:

Command completed successfully

Access control

User Category                      Permission
Storage administrator              Allowed
Storage integration administrator  Disallowed
Application administrator          Disallowed
Security administrator             Disallowed
Read-only users                    Disallowed
Technicians                        Disallowed

Return codes

  • NO_LDAP_SERVERS_ARE_DEFINED

    No LDAP servers are defined in the system

  • LDAP_SERVER_NOT_DEFINED

    LDAP server Server FQDN is not defined in the system.

  • LDAP_IS_NOT_FULLY_CONFIGURED

    LDAP is not fully configured

    Troubleshooting: Check your settings.

  • NO_LDAP_SERVERS_WITH_CERTIFICATE_ARE_DEFINED

    No LDAP servers with an LDAP certificate are defined in the system

  • SSL_CERTIFICATE_HAS_EXPIRED_FOR_SERVER

    SSL certificate of ldap server 'Server FQDN' has expired on Expiration Date.

  • USER_IS_PREDEFINED_IN_THE_SYSTEM

    User is predefined in the system

  • LOGIN_FAILURE_USER_CANNOT_BE_UNIQUELY_AUTHENTICATED_BY_LDAP_SERVER

    User User Name was not uniquely authenticated by LDAP server 'Server FQDN'.

  • LOGIN_FAILURE_LDAP_SERVER_UNREACHABLE

    No LDAP server can be reached.

  • LOGIN_FAILURE_XIV_USER_NOT_AUTHENTICATED_BY_LDAP_SERVER

    XIV User 'XIV User' was not authenticated by LDAP server 'Server FQDN'.

  • LOGIN_FAILURE_LDAP_SERVER_UNREACHABLE_OR_USER_NOT_FOUND

    User User Name was not found in LDAP servers 'Servers FQDN'.

  • LOGIN_FAILURE_INVALID_BASE_DN

    The base dn of server 'Server FQDN' is invalid.

  • LOGIN_FAILURE_USER_NOT_AUTHENTICATED_BY_LDAP_SERVER

    User User Name was not authenticated by LDAP server 'Server FQDN'.

  • LOGIN_FAILURE_USER_HAS_NO_RECOGNIZED_ROLE

    User User Name has no recognized LDAP role.

  • LOGIN_FAILURE_USER_HAS_MORE_THAN_ONE_RECOGNIZED_ROLE

    User User Name has more than one recognized LDAP role.

  • LOGIN_FAILURE_USER_MISSING_ID_ATTRIBUTE

    User User Name is missing the LDAP ID attribute 'Attribute'.

  • LOGIN_FAILURE_USER_MISSING_GROUP_ATTRIBUTE

    User User Name is missing the group attribute 'Attribute'.

  • LOGIN_FAILURE_USER_NOT_FOUND_IN_LDAP_SERVERS

    User User Name was not found in LDAP servers.

  • LDAP_ROLE_UNRECOGNIZED

    LDAP role for user is not recognized in the system

  • LDAP_SERVER_NOT_FOUND

    LDAP server with specified FQDN is not defined in the system

  • LDAP_AUTHENTICATION_IS_NOT_ACTIVE

    LDAP authentication is not active
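
Added example (not part of the original reference or the product's own code): a Python wrapper that runs ldap_test and sorts the return codes listed above into triage categories. The category names, the function names, and the assumption that the return code appears as a whole token in the command output are this example's, not the page's.

```python
import re
import subprocess

SUCCESS = "Command completed successfully"  # success output shown on this page

# Return codes from this page; the grouping into categories is this example's assumption.
CATEGORIES = {
    "configuration": """NO_LDAP_SERVERS_ARE_DEFINED LDAP_SERVER_NOT_DEFINED
        LDAP_IS_NOT_FULLY_CONFIGURED LDAP_SERVER_NOT_FOUND
        LDAP_AUTHENTICATION_IS_NOT_ACTIVE LOGIN_FAILURE_INVALID_BASE_DN""",
    "certificate": """NO_LDAP_SERVERS_WITH_CERTIFICATE_ARE_DEFINED
        SSL_CERTIFICATE_HAS_EXPIRED_FOR_SERVER""",
    "connectivity": """LOGIN_FAILURE_LDAP_SERVER_UNREACHABLE
        LOGIN_FAILURE_LDAP_SERVER_UNREACHABLE_OR_USER_NOT_FOUND""",
    "authentication": """USER_IS_PREDEFINED_IN_THE_SYSTEM
        LOGIN_FAILURE_USER_CANNOT_BE_UNIQUELY_AUTHENTICATED_BY_LDAP_SERVER
        LOGIN_FAILURE_XIV_USER_NOT_AUTHENTICATED_BY_LDAP_SERVER
        LOGIN_FAILURE_USER_NOT_AUTHENTICATED_BY_LDAP_SERVER
        LOGIN_FAILURE_USER_NOT_FOUND_IN_LDAP_SERVERS""",
    "role_mapping": """LOGIN_FAILURE_USER_HAS_NO_RECOGNIZED_ROLE
        LOGIN_FAILURE_USER_HAS_MORE_THAN_ONE_RECOGNIZED_ROLE
        LOGIN_FAILURE_USER_MISSING_ID_ATTRIBUTE
        LOGIN_FAILURE_USER_MISSING_GROUP_ATTRIBUTE LDAP_ROLE_UNRECOGNIZED""",
}
CODE_TO_CATEGORY = {c: cat for cat, codes in CATEGORIES.items() for c in codes.split()}

def classify(output):
    """Return (code, category) for ldap_test output."""
    # Match whole tokens: several codes are prefixes of others (e.g. ..._UNREACHABLE
    # vs ..._UNREACHABLE_OR_USER_NOT_FOUND), so a substring search would misreport.
    for token in re.findall(r"\b[A-Z][A-Z_]+\b", output):
        if token in CODE_TO_CATEGORY:
            return token, CODE_TO_CATEGORY[token]
    if SUCCESS in output:
        return "OK", "ok"
    return "UNKNOWN", "unknown"

def ldap_test(user, password, fqdn=None, run=subprocess.run):
    """Run ldap_test (optionally against one server) and classify the result."""
    # argv is passed as a list, so no shell parses the password. It is still
    # visible in the local process list while xcli.py runs.
    argv = ["xcli.py", "ldap_test"]
    if fqdn:
        argv.append(f"fqdn={fqdn}")
    argv += [f"user={user}", f"password={password}"]
    proc = run(argv, capture_output=True, text=True)
    return classify((proc.stdout or "") + (proc.stderr or ""))
```

Calling ldap_test once per configured FQDN separates a single failing server from a system-wide configuration or account problem.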