Auth LDAP: LDAP bind (service) failed: LDAP Result Code 2 "Protocol Error": #3496

Closed
theratzul opened this issue Oct 27, 2017 · 1 comment
theratzul commented Oct 27, 2017

Hi,
I want to use LDAP as the authentication back-end for Vault, and while I am trying to connect to the LDAP server I receive the error below.


[14:18:48 LOCAL vault@vault ~]$ vault auth -method=ldap username=msdpeu
==> WARNING: VAULT_TOKEN environment variable set!

The environment variable takes precedence over the value
set by the auth command. Either update the value of the
environment variable or unset it to use the new token.

Password (will be hidden):
Error making API request.

URL: PUT http://192.168.56.130:8200/v1/auth/ldap/login/msdpeu
Code: 400. Errors:

  • LDAP bind (service) failed: LDAP Result Code 2 "Protocol Error":

My LDAP auth setup is as seen below:

[14:18:35 LOCAL vault@vault ~]$ vault read auth/ldap/config
Key Value


binddn cn=Directory Manager,dc=eu,dc=example
bindpass xyz
certificate
deny_null_bind true
discoverdn false
groupattr cn
groupdn
groupfilter (|(memberUid={{.Username}})(member={{.UserDN}})(uniqueMember={{.UserDN}}))
insecure_tls true
starttls false
tls_max_version tls12
tls_min_version tls12
upndomain
url ldap://192.168.56.150:389
userattr msdpeu
userdn


The query from the LDAP server is the following one:

[root@c6 tmp]# ldapsearch -D "cn=directory manager" -w xyz-p 389 -h 192.168.56.150 -b "uid=msdpeu,ou=admins,ou=admin,,dc=eu,dc=example"
extended LDIF

LDAPv3
base <uid=msdpeu,ou=admins,ou=admin,dc=example,dc=com> with scope subtree
filter: (objectclass=*)
requesting: ALL

msdpeu, admins, admin, example.com
dn: uid=msdpeu,ou=admins,ou=admin,dc=example,dc=com
uid: msdpeu
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetorgperson
givenName: msdp eu
sn: msdp eu
cn: msdp eu
userPassword:: e1NIQ

search result
search: 2
result: 0 Success

numResponses: 2
numEntries: 1


Please help me solve this problem.

@jefferai jefferai added this to the 0.9.1 milestone Dec 9, 2017
Member

jefferai commented Dec 9, 2017

Duplicate of #3625

@jefferai jefferai marked this as a duplicate of #3625 Dec 9, 2017
@jefferai jefferai closed this as completed Dec 9, 2017