EDR: Unable to restart cb-enterprise after configuring LDAP/AD Authentication
search cancel

EDR: Unable to restart cb-enterprise after configuring LDAP/AD Authentication

book

Article ID: 288579

calendar_today

Updated On:

Products

Carbon Black EDR (formerly Cb Response)

Issue/Introduction

  • Followed these steps for configuring AD integration for only AD authentication
  • Unable to restart the services at step 4
  • Seeing these errors in /var/log/cb/coreservices/debug.log:
<err> cb.auth.ldap_authorization - Error Loading LDAP configuration file
...
    raise KeyError(key)
KeyError: 'ldap_user_org'​

Environment

  • EDR Server: 7.7.0 and higher
  • LDAP
    • AD only (not OpenLDAP)

Cause

In the ldap.conf file, this line for ldap_user_org was commented out: 
# (OpenLDAP, FreeIPA only) Specify what org your users belong to
# ldap_user_org = ou=Users

Resolution

  1. Open the ldap.conf file and remove the # in front of ldap_user_org
  2. Restart the EDR server services

Additional Information

Whether using OpenLDAP or only AD authentication, the settings for the option not being used should be kept in the ldap.conf file but left blank.
Powered by Wolken Software