LDAP With ActiveDirectory not working?

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

LDAP With ActiveDirectory not working?

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
LDAP With ActiveDirectory not working?
LDAP With ActiveDirectory not working?
2023-12-18 20:02:20 - last edited 2023-12-19 01:53:32
Model: ER7206 (TL-ER7206)  
Hardware Version: V1
Firmware Version: 1.3.0 Build 20230322 Rel.70951

Hello, 

 

we are using an ER7206 through Omada on our main-site. We want to setup an open-vpn connection, using LDAP-based authentication 
against our active directory. 

However, Omada refuses to connect to the LDAP-Server (Windows Server 2019 / Domain-Controller) 

 

Using the very same Data provided to Omada within any other ldap-browsing service or application works out of the box. 

There is unfortunately no (detailed) message, what's the issue, just saying "Failed to search the directory. Please check the LDAP server configurations."
Configurations however are as they are supposed to be. 

Any advices? Can I how somehow access some logs, telling me, what's the problem here? 
(Yes, the user created for omada ldap access has the required permissions, verified through other applications)
 

Version:

5.12.9

Build:

1.19.3 Build 20230906 Rel.38429



  0      
  0      
#1
Options
1 Accepted Solution
Re:LDAP With ActiveDirectory not working? -Solution
2023-12-19 01:53:15 - last edited 2023-12-19 01:53:32

Hi @dognose 

Thanks for posting in our business forum.

This is the article to set up LDAP with Omada.

How to install LDAP server on Windows and work with Omada Router to achieve unified account management

 

The controller does not support AD now. There is no ETA for supporting AD.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
Recommended Solution
  0  
  0  
#4
Options
3 Reply
Re:LDAP With ActiveDirectory not working?
2023-12-18 20:30:01

 I've just checked two things: 

 

1) When trying to query data, the ajax-call does not contain any information about the bind-user - only server, port and ssl are send back to the "connection check": 


 

2) In the System Logs, I found the following related exception, trying to perform a null-bind on the ldap-server it seems. (no user / password) 





sooo, very high indication that your interface is just "ignoring" the selected Bind-Type, hence fails to transfer any user information to the backend for further processing? 
 

  0  
  0  
#2
Options
Re:LDAP With ActiveDirectory not working?
2023-12-18 20:47:33 - last edited 2023-12-18 20:49:41

Indeed, enabling Anonymous Access on the AD-Server (temporary) makes at least the initial connection work. 

However, trying to expand the root brings up the same connection issue, checking the logs again yields another ldap exception.

So, guess ldap-integration is just fundamentaly broken at all?


 

???

  0  
  0  
#3
Options
Re:LDAP With ActiveDirectory not working? -Solution
2023-12-19 01:53:15 - last edited 2023-12-19 01:53:32

Hi @dognose 

Thanks for posting in our business forum.

This is the article to set up LDAP with Omada.

How to install LDAP server on Windows and work with Omada Router to achieve unified account management

 

The controller does not support AD now. There is no ETA for supporting AD.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
Recommended Solution
  0  
  0  
#4
Options