AD/LDAP Server authentication

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

AD/LDAP Server authentication

L0 Member

Does anyone have any tips for getting AD/LDAP bind request working at the server.  I have the PaloAlto sending and receiving the bind request to authenticate, but the server reply packet says the credentials are invalid (error code 52e - invalid credential).  My AD server administrator says the requests aren't making it to the server, but I have the packet traces to show they are sent and received by the PAN.  Are there any aditional options to enable debugging at the server or are there additional options which need to be enabled in the AD server to allow LDAP interfacing.  I realize this isn't a PAN issue, but I am exhausing all options.

1 REPLY 1

L6 Presenter

@sajens:

as you point out this is most likely an issue with the AD server, but one last test you might run is to bind to LDAP with a username and password that do not contain any special characters (just to rule out this as a source of the issue).

Once you have done that I would do a packet capture on the AD server to demonstrate to the AD admin that the packets are being sent and processed by the LDAP portion of AD.

-Benjamin

  • 2959 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!