Testing Security Analytics LDAP functionality
search cancel

Testing Security Analytics LDAP functionality

book

Article ID: 169009

calendar_today

Updated On:

Products

Security Analytics

Issue/Introduction

If you are dealing with LDAP issues, the following can assist in testing if LDAP is working with Security Analytics.

Resolution

1. SA UI setting for LDAP

Setup LDAP Authentication in Settings / Authentication in the Security Analytics UI

 

 
Please begin with a simple setup to make sure that connectivity and authentication works fine.
You can then add complexity when you are sure the basics are working.
 
After doing this, validate your settings using ldapsearch finding a certain user (user1) in the specified searchbase
 

2. Example user data

 
LDAPUSERNAME=user1
HOST=lab.example.com
HOSTPORT='389'
SEARCHBASE='dc=lab,dc=example,dc=com'
BINDDN='[email protected]'
BINDPASSWORD='password'
 

3. ldapsearch CLI Parameters needed:

 
ldapsearch -x -h $HOST \
-p $HOSTPORT \
-D $BINDDN \
-w $BINDPASSWORD \
-b $SEARCHBASE \
"(&(objectClass=User)(sAMAccountName=$LDAPUSERNAME))"
  

4. ldapsearch CLI example using the user data from #2.

 
ldapsearch -x -h lab.example.com -p 389 -D [email protected] -w Passw0rd -b "dc=lab,dc=example,dc=com" "(&(objectClass=User)(sAMAccountName=user1))"
 

3. Output abridged (full output attached as a text file)


# extended LDIF
#
# LDAPv3
# base <dc=lab,dc=example,dc=com> with scope subtree
# filter: (&(objectClass=User)(sAMAccountName=user1))
# requesting: ALL
#
 
# user1 MTD, Users, lab.example.com
dn: CN=user1 MTD,CN=Users,DC=lab,DC=example,DC=com

***snipped***

msExchRBACPolicyLink: CN=Default Role Assignment Policy,CN=Policies,CN=RBAC,CN
 =mtdtest,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=lab,DC=mtdtest
 ,DC=com
publicDelegatesBL: CN=quarantine,CN=Users,DC=lab,DC=example,DC=com
 
# search reference
ref: ldap://ForestDnsZones.lab.mtdtest.com/DC=ForestDnsZones,DC=lab,DC=example
 ,DC=com
 
# search reference
ref: ldap://DomainDnsZones.lab.example.com/DC=DomainDnsZones,DC=lab,DC=example
 ,DC=com
 
# search reference
ref: ldap://lab.example.com/CN=Configuration,DC=lab,DC=example,DC=com
 
# search result
search: 2
result: 0 Success
 
# numResponses: 5
# numEntries: 1
# numReferences: 3
[root@hostname ~]#


 
 If you are still having issues and want to analyze the logs, you can follow the steps in this KB article to enable additional debugging: How to enable LDAP debug for troubleshooting authentication issues on Security Analytics (Solera)