Please keep all your SpiceWorks 3.0 Beta discussion regarding LDAP & Active Directory integration and any bugs etc etc in this thread.
16 Spice ups
Ok Just found this thread.
I downloaded and installed 3.0 today looks great BTW.
I’m trying to setup AD authentication. I enter my setting and hit save when I select to “enable” it says something like Testing failed please check your settings.
I know the AD account is working and I am entering the settings as directed.
Is there something I am missing?
jgrubbs
(Jonathan Grubbs)
3
I’m getting the same thing, when I put in my server IP with username and password and click Save it shows Testing… then changes to Referral, but when I click enable it shows Testing failed please check your settings.
The enable/disable toggle is causing the confusion here. On the email settings page it is worded differently. There it says ‘currently enabled, disable’. You do not have to select this to activate the user authentication. Once you get your settings saved, it is there to turn it off if you need to.
You can see this in the User portal as it will switch between asking for an email address(non LDAP) and a Username/password(LDAP configured).
So if you have it with the ‘enable’ showing, try saving your settings. I will look into this more tomorrow and see if you are getting into a situation where it stays disabled.
The ActiveDirectory server can be an ip address or the actual servername.
The User is Domain<your username> just like when you log on to Windows. You can also enter @. So MyDomain\connie or connie@mydomain.com or connie@sub.mydomain.com.
We had seen the ‘Referral’ in our environment but resolved the problem. You will also get this if you try to save while it’s disabled.
Thanks,
Connie
jgrubbs
(Jonathan Grubbs)
5
We are still getting Referral when we click on the save button. What did you do to resolve that problem. What is the correct response we are looking for when we click the save button?
I’m getting the same thing. Is there a workaround?
What type(version) of LDAP server are you running against? The referral error is a generic error when something is failing while trying to authenticate with the server (something wrong other than bad credentials).
W2k3 AD
Functional Level: Windows 2000 native (If that matters)
Guys,
One other issue that might be contributing to this is not specifying a “full” domain name. For instance if your domain is “foo” and your company is say something like acme.com; you might need to try a fully qualified domain name such as greg@foo.acme.com instead of just greg@foo.
Additionally, did you try something like foo\greg? Let me know the results of both of these… We might need to send you a little testprogram to try out something to get more details…
The W2K3 AD sounds good. That is one we have tested against.
jgrubbs
(Jonathan Grubbs)
10
MYDOMAIN\john wouldn’t work, I kept getting Referral, when I chaged it to john@mydomain it worked. Thanks!!
BINGO! Thats it. Thanks guys.
Was just able to get my AD integration working as well. FYI, the “catch” for me was to include the “.local” as part of the domain name.
zack8432
(Zack1318)
14
This is more of a request than a problem.
With AD integration now working is it possible to add the ablity to use IE to pass the user authentication on to spiceworks.
For example if we wanted to use group policy to add the spiceworks server to our intranet zone and then have the security settings within that zone set to “Automatic logon with current user name and password”. Then have the spiceworks server pick up that information and use that information to log the person on.
kerberized logins would be awesome. Their webserver must support it though.
What about support people. Can these be ldap based?
Rob-Dunn
(Rob Dunn)
16
This would be awesome - maybe even have the ability to reference a ‘help desk’ group in AD. I.e. - anyone in the help desk group is automatically a technician.
I get the following error.
Error on outgoing settings: Could not send email: ExchangeMailer::ConfigurationError
adam8284
(Adam7433)
19
Our network consists of the forest root domain, 2 child domains, 6 domain controllers and 3 “seperate” Active Directories. Staff are members of a domain depending on what access they require. Looking at the AD Integration settings I can only specifiy one AD server to work with Spiceworks meaning only a proportion of staff can use the feature - Any plans to change this in the final realease for those of us in this situation (I suspect i’m not the only one).
What type of authentication is being used against the servers? There is some concern that passwords are being sent in the clear when using Spiceworks to authenticate. I sniffed the traffic and it seems to be sending the passwords in the clear.
