cnMaestro-1.6.0-r18 Active Directory Authentication Issues

Products cnMaestro
1

Hello,

There seems to be some user-interface issues with configuring the Active Directory authentication servers.

1)  When you pick SSL/TLS Security (during add or edit), and select the certificate file to upload, the interface will respond with a red box that states the certificate file is required (when it was supplied)

2) When you edit a server, and the entry has SSL/TLS Security OFF, the UI still shows the file selector for the certificate even though it is not needed.  If you attempt to save, it will tell you the certificate is required.  The workaround is to select and then de-select the SSL/TLS Security checkbox before saving.

When testing the connect, WHY are there 3 boxes to test authentication (User Id, Password, and Account) ?  A true test should only have 2 boxes (User name and password) to match the 2 boxes that are shown during normal login to cnMaestro...  What 3 values should I be putting in there?  No matter what I do to test, I always am told the credentials are wrong even though I am using the same configuration for authenticating as I do with all our linux machines on our network (using SSSD under linux works fine, so I know my setup should be valid)

2

Hi Robert,

Please find my responses in line:

Observation 1: When you pick SSL/TLS Security (during add or edit), and select the certificate file to upload, the interface will respond with a red box that states the certificate file is required (when it was supplied)

> While Creating/Editing an entry for Active Directory authentication, you need to upload a valid root certificate in .pem format, then only the cnMaestro accepts and saves successfully.

 Observation 2: When you edit a server, and the entry has SSL/TLS Security OFF, the UI still shows the file selector for the certificate even though it is not needed.  If you attempt to save, it will tell you the certificate is required.  The workaround is to select and then de-select the SSL/TLS Security checkbox before saving

If you uncheck the SSL box and save, the certificate path disappears but if reopened again you can see this path.We are working on it and will be fixed but, this behavior do not impact functionality. 

Observation 3: When testing the connect, WHY are there 3 boxes to test authentication (User Id, Password, and Account) ?  A true test should only have 2 boxes (User name and password) to match the 2 boxes that are shown during normal login to cnMaestro...  What 3 values should I be putting in there?  No matter what I do to test, I always am told the credentials are wrong even though I am using the same configuration for authenticating as I do with all our linux machines on our network (using SSSD under linux works fine, so I know my setup should be valid)

> We have provided three fields under Test button.

Field 1: Active directory user name binded with DN

Field 2: Password

Field 3: Simply Account name for which super-user wants to check the role allotment.

If you are getting Invalid Credentials, it indicate the certificate issue. Please try uploading a root certificate in .pem format and let us know the results.