AD Connector fails to connect to Win2k3 but succeeds with Win 2008 with caveat.

wmlayton · 08-27-2008, 09:50 AM

Can anyone help with me with the AD connector?

Here is the scenario:

I have two AD servers, one is running Windows Server 2003 SP1 Ent. and the other is running Windows Server 2008 Ent. The Win2K3 server has had its schema extended using the adprep tool.

Here is where I run into problems, when I point untangle at my Win2K3 server the connection test fails every time. I have followed the wiki instruction to the letter and have combed google and the forum posts to figure out what I could be doing wrong and it still fails. I can look into the security log of the Win2k3 server and it shows a successful login from the untangle boxes's ip with admin credentials I have given it. But it still shows failure in the test.

So, when I point (I am sure this is not supported) untangle at the Server 2008 box with the identical settings, the test completes successfully but in the users box all I get is [any] and no specific users. I followed this forum post http://forums.untangle.com/directory-connector/4368-ad-connector-problem.html to see if that could be the issue but when I fully qualify the domain name the connection test fails.

I am not sure what to do here or what direction to take now to debug what is going on.

I am kinda beating my head against wall on this one, so help would be appreciated. I can post more detail for settings if need be.

wmlayton · 09-10-2008, 06:40 PM

On a lark I found what was preventing untangle from successfully connecting to my W2K3 AD server. The server had the M$ security wizard tool run which prevented access to AD. I rolled back the settings the wizard applied to AD and viola untangle connects and I can see all the users. Anyway, I hope this can be of help to anybody that runs into a similar issue. Although it doesn't appear anyone has experienced this since there were no replies.

08-27-2008, 09:50 AM	#1 (permalink)
wmlayton Untanglit Join Date: Jun 2008 Location: Corvallis, OR Posts: 25	AD Connector fails to connect to Win2k3 but succeeds with Win 2008 with caveat. Can anyone help with me with the AD connector? Here is the scenario: I have two AD servers, one is running Windows Server 2003 SP1 Ent. and the other is running Windows Server 2008 Ent. The Win2K3 server has had its schema extended using the adprep tool. Here is where I run into problems, when I point untangle at my Win2K3 server the connection test fails every time. I have followed the wiki instruction to the letter and have combed google and the forum posts to figure out what I could be doing wrong and it still fails. I can look into the security log of the Win2k3 server and it shows a successful login from the untangle boxes's ip with admin credentials I have given it. But it still shows failure in the test. So, when I point (I am sure this is not supported) untangle at the Server 2008 box with the identical settings, the test completes successfully but in the users box all I get is [any] and no specific users. I followed this forum post http://forums.untangle.com/directory-connector/4368-ad-connector-problem.html to see if that could be the issue but when I fully qualify the domain name the connection test fails. I am not sure what to do here or what direction to take now to debug what is going on. I am kinda beating my head against wall on this one, so help would be appreciated. I can post more detail for settings if need be.

Protect

Filter

Perform

Connect

Manage

Add-Ons

09-10-2008, 06:40 PM	#2 (permalink)
wmlayton Untanglit Join Date: Jun 2008 Location: Corvallis, OR Posts: 25	On a lark I found what was preventing untangle from successfully connecting to my W2K3 AD server. The server had the M$ security wizard tool run which prevented access to AD. I rolled back the settings the wizard applied to AD and viola untangle connects and I can see all the users. Anyway, I hope this can be of help to anybody that runs into a similar issue. Although it doesn't appear anyone has experienced this since there were no replies.