Integration samba4 LDAP

Hello people.

I am trying to integrate Sophos XG with our samba4. I can't authenticate domain users. I followed this KB:   https://community.sophos.com/kb/en-us/123163

 

If I enter credentials to authenticate (bind dn and pasword), I get this error:

ERROR Jul 31 10:32:50 [4142684672]: ldapauth_bind: bind failed: Strong(er) authentication required
ERROR Jul 31 10:32:50 [4142684672]: ldapauth_test_auth:'192.168.0.22:389': bind failed for user: 'CN=sophosxg,CN=Users,DC=domain,DC=local'

If I use anonymous authentication, I get this error:

ERROR Jul 31 10:35:07 [4127193920]: ldapauth_search_user: 192.168.0.22:389: search failed.. filter: '(UID=sophosxg)': Err: Operations error
ERROR Jul 31 10:35:07 [4127193920]: ldapauth_authenticate_user: '192.168.0.22:389': coudn't find USER DN using filter: (UID=sophosxg)
ERROR Jul 31 10:35:07 [4142684672]: check_auth_result: Authentication Failed

 

In authentication, check the options I have in Active directory or KB. I think it's some detail in that. Some help?

Thanks

  • Hi  

    Please check Base DN, 

    Enter the Base Distinguished Name (Base DN) of the directory service, which will indicate the starting point when searching for users in the directory service.

    If you do not know the Base DN, click Get BaseDN to retrieve the Base DN.

    Check Authentication method, if it is required SSL or STARTLS (ERROR Jul 31 10:32:50 [4142684672]: ldapauth_bind: bind failed: Strong(er) authentication required)

    Attributes details should be the same as per your LDAP configuration.

  • In reply to Keyur:

    Sorry not to explain. But I had already done this setup too.

    Look at the picture, it was successfully tested. But I can't authenticate, I have this error:

     

    ERROR Jul 31 11:16:07 [4127193920]: ldapauth_authenticate_user: '192.168.0.22:636': coudn't find USER DN using filter: (UID=sophosxg)
    ERROR Jul 31 11:16:07 [4142684672]: check_auth_result: Authentication Failed
    MESSAGE Jul 31 11:16:07 [4142684672]: (update_admin_access_table): # Admin user authentication fail from IP 192.168.0.25

     

    My bind dn is correct. 

  • In reply to Christovam:

    Hi.

     

    I confused I saw a local user of XG com samba4. Continuous as erro abaixo. Does anyone suggest what it is?

    ERROR Jul 31 10:35:07 [4127193920]: ldapauth_authenticate_user: '192.168.0.22:389': coudn't find USER DN using filter: (UID=sophosxg)

  • In reply to Christovam:

    Hi

    It is corrected. It was or attribute that was wrong, change "uid" to "sAMAccountName".

    Authentication Attribute = sAMAccountName