Does anyone have any tips for getting an AD/LDAP bind request working at the server? I have the Palo Alto sending and receiving the bind request to authenticate, but the server reply packet says the credentials are invalid (error code 52e - invalid credential). My AD server administrator says the requests aren't making it to the server, but I have the packet traces to show they are sent and received by the PAN. Are there any additional options to enable debugging at the server, or are there additional options which need to be enabled in the AD server to allow LDAP interfacing? I realize this isn't a PAN issue, but I am exhausting all options.
As you point out, this is most likely an issue with the AD server, but one last test you might run is to bind to LDAP with a username and password that do not contain any special characters (just to rule this out as a source of the issue).
Once you have done that I would do a packet capture on the AD server to demonstrate to the AD admin that the packets are being sent and processed by the LDAP portion of AD.