Windows Active Directory Integration

[jamesbourne]

I can't get active directory integration to work.

With security set at None I get:
Unable to authenticate: 80090308: LdapErr: DSID-0C090442, comment: AcceptSecurityContext error, data 52e, v3839

With TLS/SSL set I get:
Unable to authenticate: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed (unable to get local issuer certificate)

Our AD functional level is 2012R2

This documention:
https://assets.nagios.com/downloads/nag ... ponent.pdf

States that there should be a Certificate Authority available on the domain controller but that does not exist on our setup - we have just left AD to do it automatically.

Any idea what I am missing?

[cdienger]

Code: Select all

Unable to authenticate: 80090308: LdapErr: DSID-0C090442, comment: AcceptSecurityContext error, data 52e, v3839

52e means invalid credentials.

Code: Select all

Unable to authenticate: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed (unable to get local issuer certificate)

For the above, have you imported any CAs in to XI? In the case of a self signed cert, I believe you still need to have this imported into XI. Certificates should then be found under /etc/openldap/cacerts on the XI filesystem.