opers13_3280
Oct 17, 2009 Nimbostratus
LDAP configuration
I'm in the process of configuring LDAP on the F5.
Do I have to create an account in AD for the F5 so it can search LDAP?
Thanks
Mar 6 13:12:56 F5device httpd[25036]: pam_ldap: error trying to bind (Invalid credentials)
Mar 6 13:12:56 F5device httpd(pam_unix)[25036]: authentication failure; logname= uid=48 euid=48 tty= ruser= rhost=10.20.66.59 user=XXXX
Mar 6 13:12:59 F5device httpd[25036]: [error] [client 10.20.66.59] AUTHCACHE PAM: user 'XXXX' - not authenticated: Authentication failure, referer: https://F5device.com/
I am using the version below:
:Active] config b version
Kernel:
Linux 2.4.21-9.3.1.37.0smp
Package:
BIG-IP Version 9.3.1 66.0
Hotfix HF5 Edition
My LDAP config looks like this (/etc/ldap.conf):
host 161.228.215.112
base OU=Service,OU=PBUsers,DC=subdomain1,DC=domain,DC=global,DC=pvt
ldap_version 3
binddn binduser@subdomain1.domain.global.pvt
bindpw passowrd
port 389
scope sub
timelimit 30
bind_timelimit 30
idle_timelimit 3600
pam_login_attribute uid
pam_check_host_attr no
usertemplate uid=%s,OU=PBUsers,DC=usdby1-pbiadp01,DC=pbi,DC=global,DC=pvt
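A small audit of the configuration posted above, as an added example that is not part of the original post and not F5 code. It assumes the file uses pam_ldap's keyword/value syntax and that `ssl on`, `ssl start_tls` or an `ldaps://` `uri` are the settings that turn on transport encryption; the function names and finding ids are hypothetical.

```python
# Added example: lint a pam_ldap-style ldap.conf ("keyword <whitespace> value").
# SAMPLE is a subset of the lines from the post above, copied unchanged.
SAMPLE = """\
host 161.228.215.112
base OU=Service,OU=PBUsers,DC=subdomain1,DC=domain,DC=global,DC=pvt
binddn binduser@subdomain1.domain.global.pvt
bindpw passowrd
port 389
pam_login_attribute uid
usertemplate uid=%s,OU=PBUsers,DC=usdby1-pbiadp01,DC=pbi,DC=global,DC=pvt
"""

def parse_conf(text):
    """Return {keyword: value}, skipping blank lines and '#' comments."""
    conf = {}
    for line in text.splitlines():
        fields = line.strip().split(None, 1)
        if not fields or fields[0].startswith("#"):
            continue
        conf[fields[0].lower()] = fields[1].strip() if len(fields) > 1 else ""
    return conf

def dc_suffix(dn):
    """Lower-cased DC= components of a DN, in order (naive comma split)."""
    parts = [p.strip().lower() for p in dn.split(",")]
    return [p for p in parts if p.startswith("dc=")]

def audit(conf):
    """Return a list of (id, message) findings for a parsed config."""
    findings = []
    # Assumption: these are the settings that enable TLS for the LDAP session.
    encrypted = (conf.get("ssl", "off").lower() in ("on", "start_tls")
                 or conf.get("uri", "").lower().startswith("ldaps://"))
    if not encrypted:
        findings.append(("cleartext-bind",
                         "no TLS configured: simple-bind passwords cross the network unencrypted"))
    if "bindpw" in conf:
        findings.append(("bind-secret",
                         "bindpw is stored in the file: use a dedicated low-privilege "
                         "bind account and restrict who can read the file"))
    if "base" in conf and "usertemplate" in conf:
        if dc_suffix(conf["base"]) != dc_suffix(conf["usertemplate"]):
            findings.append(("dc-mismatch",
                             "usertemplate builds user DNs in a different domain than base"))
    return findings

if __name__ == "__main__":
    for ident, message in audit(parse_conf(SAMPLE)):
        print(f"{ident}: {message}")
```
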