Trouble getting LDAP wizard to work

[scottwilkerson]

Lets run the following command editing only the IP and password (note we changed to check_ldap from check_ldaps)

Code: Select all

/usr/local/nagios/libexec/check_ldap -H 192.168.99.x -b "DC=whro,DC=local" -D "CN=ron bennington,OU=WHRO Staff,OU=Real Users,OU=User OUs,DC=whro,DC=local"-P "PAssword" -2

[benningtonr]

Here are the results, thanks again for all your help

[root@nagios ~]# /usr/local/nagios/libexec/check_ldap -H 192.168.99.x -b "DC=whro,DC=local" -D "CN=ron bennington,OU=WHRO Staff,OU=Real Users,OU=User OUs,DC=whro,DC=local"-P "password" -2
Could not search/find objectclasses in DC=whro,DC=local

[scottwilkerson]

Do you know what version of the ldap protocol your ldap server uses?

[benningtonr]

I do not, but I can check.

[benningtonr]

V3

[scottwilkerson]

Then lets try and run the following

Code: Select all

/usr/local/nagios/libexec/check_ldap -H 192.168.99.x -b "DC=whro,DC=local" -D "CN=ron bennington,OU=WHRO Staff,OU=Real Users,OU=User OUs,DC=whro,DC=local"-P "PAssword" -3

[yancy]

Your connection string should look like this:

Note CN instead of OU

/usr/local/nagios/libexec/check_ldap -H 192.168.99.x -b "DC=whro,DC=local" -D "CN=ron bennington,CN=WHRO Staff,CN=Real Users,CN=User OUs,DC=whro,DC=local"-P "PAssword"

to verify, from your Windows domain controller,

start > run > ldp

from Ldp:
connection > connect (current user should be fine)

Next:
Browse > search >

Base DN:
DC=whro,DC=local" -D "CN=ron bennington,OU=WHRO Staff,OU=Real Users,OU=User OUs,DC=whro,DC=local"

Scope: Subtree

Example results:
ldap_search_s(ld, "CN=usernagios,CN=Users,dc=jupiter,dc=nagios,dc=org", 0, "(objectclass=*)", attrList, 0, &msg)
Getting 1 entries:
Dn: CN=usernagios,CN=Users,dc=jupiter,dc=nagios,dc=org
canonicalName: jupiter.nagios.org/Users/usernagios;
name: usernagios;
objectClass (4): top; person; organizationalPerson; user;

[benningtonr]

-----------
***Searching...
ldap_search_s(ld, "DC=whro,DC=local" -D "CN=ron bennington,OU=WHRO Staff,OU=Real Users,OU=User OUs,DC=whro,DC=local"", 2, "(objectclass=*)", attrList, 0, &msg)
Error: Search: Invalid DN Syntax. <34>
Server error: 0000208F: LdapErr: DSID-0C090715, comment: Error processing name, data 0, v1db1
Error 0x208F The object name has bad syntax.
Result <34>: 0000208F: LdapErr: DSID-0C090715, comment: Error processing name, data 0, v1db1
Getting 0 entries:

[benningtonr]

***Searching...
ldap_search_s(ld, "DC=whro,DC=local" -D "CN=ron bennington,CN=WHRO Staff,CN=Real Users,CN=User OUs,DC=whro,DC=local"", 2, "(objectclass=*)", attrList, 0, &msg)
Error: Search: Invalid DN Syntax. <34>
Server error: 0000208F: LdapErr: DSID-0C090715, comment: Error processing name, data 0, v1db1
Error 0x208F The object name has bad syntax.
Result <34>: 0000208F: LdapErr: DSID-0C090715, comment: Error processing name, data 0, v1db1
Getting 0 entries:
-----------

[yancy]

Just to confirm, your AD FQDN is "whro.local"

can you ping that address:
ping whro.local

for example,
C:\Users\Administrator>ping nagios.jupiter.org

Pinging nagios.jupiter.org [176.74.176.175] with 32 bytes
Reply from 176.74.176.175: bytes=32 time=114ms TTL=49
Reply from 176.74.176.175: bytes=32 time=114ms TTL=49

***Searching...
ldap_search_s(ld, "CN=administrator,CN=Users,dc=jupiter,dc=nagios,dc=org", 2, "(objectClass=*)", attrList, 0, &msg)
Getting 1 entries:
Dn: CN=Administrator,CN=Users,DC=jupiter,DC=nagios,DC=org
canonicalName: jupiter.nagios.org/Users/Administrator;
description: Built-in account for administering the computer/domain;
name: Administrator;
objectClass (4): top; person; organizationalPerson; user;