NetApp FAS 2040 LDAP Win2k8R2

Posted by it_stuck on Server Fault See other posts from Server Fault or by it_stuck
Published on 2011-06-20T17:29:45Z Indexed on 2012/05/31 4:42 UTC
Read the original article Hit count: 1108

I am trying to get my FAS2040 to action user lookups using LDAP, below is the filer configuration options:

filer> options ldap
ldap.ADdomain                dc1.colour.domain.local
ldap.base                  OU=Users,OU=something1,OU=something2,OU=darkside,DC=colour,DC=domain,DC=local
ldap.base.group
ldap.base.netgroup
ldap.base.passwd
ldap.enable                  on
ldap.minimum_bind_level      anonymous
ldap.name                    domain-admin-account
ldap.nssmap.attribute.gecos  gecos
ldap.nssmap.attribute.gidNumber gidNumber
ldap.nssmap.attribute.groupname cn
ldap.nssmap.attribute.homeDirectory homeDirectory
ldap.nssmap.attribute.loginShell loginShell
ldap.nssmap.attribute.memberNisNetgroup memberNisNetgroup
ldap.nssmap.attribute.memberUid memberUid
ldap.nssmap.attribute.netgroupname cn
ldap.nssmap.attribute.nisNetgroupTriple nisNetgroupTriple
ldap.nssmap.attribute.uid    uid
ldap.nssmap.attribute.uidNumber uidNumber
ldap.nssmap.attribute.userPassword userPassword
ldap.nssmap.objectClass.nisNetgroup nisNetgroup
ldap.nssmap.objectClass.posixAccount posixAccount
ldap.nssmap.objectClass.posixGroup posixGroup
ldap.passwd                  ******
ldap.port                    389
ldap.servers
ldap.servers.preferred
ldap.ssl.enable              off
ldap.timeout                 20
ldap.usermap.attribute.unixaccount unixaccount
ldap.usermap.attribute.windowsaccount sAMAccountName
ldap.usermap.base
ldap.usermap.enable          on

output of nsswitch.conf:

hosts: files dns
passwd: ldap files 
netgroup: ldap files 
group: ldap files 
shadow: files nis

Error Message(s):

[filer: auth.ldap.trace.LDAPConnection.statusMsg:info]: AUTH: TraceLDAPServer- Starting AD LDAP server address discovery for dc1.colour.domain.LOCAL.
[filer: auth.ldap.trace.LDAPConnection.statusMsg:info]: AUTH: TraceLDAPServer- Found no AD LDAP server addresses using DNS site query (site).
[filer: auth.ldap.trace.LDAPConnection.statusMsg:info]: AUTH: TraceLDAPServer- Found no AD LDAP server addresses using generic DNS query.
Could not get passwd entry for name = <random user>

the filer can ping the FQDN of dc1
the filer can ping the IP of dc1
the filer cannot ping "dc1"

I'm not sure where I'm going wrong, so any pointers would be great.

© Server Fault or respective owner

Related posts about windows-server-2008-r2

Related posts about ldap