[ST OMU] Enabling LDAP authentication on Active Directory with multiple search DNs
When following the Operations Manager for Unix (OMU) Admin guide, authentication against Active Directory (AD) works for normal users but not when the opc_op account is in a different Organizational Unit (OU).
The files /etc/pam.d/ovo and /etc/ldap.conf have been configured.
Authentication works when the base in /etc/ldap.conf is set to:
base OU=All users, DC=cof,DC=ds,DC=abc,DC=com
This works fine for authenticating normal users. However, the opc_op AD account is in a different OU:
OU=B, DC=cof,DC=ds,DC=abc, DC=com
So, the base DN should be able to be set to:
But with this setting, after the user name and password are entered, the Operations Manager for Unix (OMU) Java GUI login screen disappears and appears to be waiting for the authentication.
If left long enough, it eventually fails with a Socket Closed error.
There is a way of adding multiple search DNs in ldap.conf, as follows:
nss_base_passwd OU=All Users,DC=cof,DC=ds,DC=abc,DC=com
This allows authentication of normal users in OU=All Users and of opc_op in the OU=B tree.
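A way to check which search bases a given ldap.conf yields and whether an account DN falls under one of them. This is an added example, not part of the original post or of OMU; the function names, the CN= values and the OU=B nss_base_passwd line are assumptions.

```python
import re

def parse_dn(dn):
    """Lower-cased RDN list; spaces around ',' and '=' are ignored.
    Simplification: escaped commas inside values are not handled."""
    return [re.sub(r"\s*=\s*", "=", p.strip().lower())
            for p in dn.split(",") if p.strip()]

def search_bases(conf_text):
    """DNs searched for user entries: every nss_base_passwd line,
    or the global base when no nss_base_passwd line is present."""
    base, nss = None, []
    for line in conf_text.splitlines():
        parts = line.strip().split(None, 1)
        if len(parts) < 2 or parts[0].startswith("#"):
            continue
        key, value = parts[0].lower(), parts[1].strip()
        if key == "base":
            base = value
        elif key == "nss_base_passwd":
            nss.append(value.split("?", 1)[0].strip())  # drop ?scope?filter
    # A DN ending in ',' is relative to the global base.
    nss = [dn + (base or "") if dn.endswith(",") else dn for dn in nss]
    return nss or ([base] if base else [])

def covering_base(user_dn, bases):
    """Return the first search base the user DN sits under, else None."""
    user = parse_dn(user_dn)
    for b in bases:
        rdns = parse_dn(b)
        if rdns and user[-len(rdns):] == rdns:
            return b
    return None

# Constructed sample input: DNs follow the page; the CN= parts and the
# OU=B nss_base_passwd line are assumptions (the page does not show them).
BEFORE = "base OU=All users, DC=cof,DC=ds,DC=abc,DC=com\n"
AFTER = (BEFORE
         + "nss_base_passwd OU=All Users,DC=cof,DC=ds,DC=abc,DC=com\n"
         + "nss_base_passwd OU=B,DC=cof,DC=ds,DC=abc,DC=com\n")
OPC_OP = "CN=opc_op,OU=B,DC=cof,DC=ds,DC=abc,DC=com"
NORMAL = "CN=jdoe,OU=All Users,DC=cof,DC=ds,DC=abc,DC=com"

if __name__ == "__main__":
    for name, conf in (("before", BEFORE), ("after", AFTER)):
        for dn in (NORMAL, OPC_OP):
            print(name, dn, "->", covering_base(dn, search_bases(conf)))
```

Listing the two OUs explicitly keeps the searched accounts limited to those trees, rather than every entry under a wider base.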