We are setting up LDAP connection for user authentication on DT AppMon 6.5
LDAP test connection is success. We are able to generate certificate & view it. But we are not able to connect client using LDAP user ID's.
Please find below queries/ problem:
1. There is group limitation 10,000. how we can increase it. As we are able to find few Group ID's
2. Under Accounts when we are creating user ID & select pre deifned user groups (as we are not able to select group which is deifned from LDAP as it is auto - assigned by LDAP) we are ending up with below error
2018-10-18 12:22:21 WARNING [LdapConnection] Failed to authenticate user: "CN=Ramesh xxx /xx/xx/xx/xx,OU=CONSULTANTS,OU=xxxI xxK LTD,OU=ADUSERS",DC=xxxxankltd,DC=com with [LDAP: error code 49 - 80090308: LdapErr: DSID-0C09042F, comment: AcceptSecurityContext error, data 52e, v2580
2018-10-18 12:22:21 WARNING [LdapAuthenticationModule] LDAP authentication failed for user: xxx156607
2018-10-18 12:22:21 WARNING [ClientSessionInitializer] Failed to login user 'xxx156607'
3. What are the privileges required for Bind DN ID (xxxxAP /xx/xxNK/xx)?
Bind DN: CN=xxxxAP /xx/xxNK/xx,OU=APPS IDS,OU=xxxI xxNK LTD,OU=ADUSERS,DC=xxxxnkltd,DC=com
4. What are the search attributes for LDAP used your env. (we have refered DT doc - default user/group search attributes is not helping us. Need help with some used cases)
Server connection Log:
2018-10-18 11:32:23 INFO [PermissionManager] Testing LDAP connection: ssl:CN=xxxxANK/HYD,OU=APPS IDS,OU=xxxxCI xxNK LTD,OU=ADUSERS,DC=xxxxankltd,DCfirstname.lastname@example.org:636/DC=xxxxankltd,DC=com
2018-10-18 11:32:23 INFO [LdapConnection] vendorName =
2018-10-18 11:32:23 INFO [LdapConnection] vendorVersion =
2018-10-18 11:32:23 INFO [LdapConnection] supportedLDAPVersion = 3
2018-10-18 11:32:23 INFO [LdapConnection] supportedLDAPVersion = 2
2018-10-18 11:32:23 INFO [LdapConnection] supportedSASLMechanisms = GSSAPI
2018-10-18 11:32:23 INFO [LdapConnection] supportedSASLMechanisms = GSS-SPNEGO
2018-10-18 11:32:23 INFO [LdapConnection] supportedSASLMechanisms = EXTERNAL
2018-10-18 11:32:23 INFO [LdapConnection] supportedSASLMechanisms = DIGEST-MD5
2018-10-18 11:32:23 INFO [LdapConnection] defaultNamingContext = DC=xxxxankltd,DC=com
2018-10-18 11:32:23 INFO [LdapConnection] dnsHostname = xxxxxC001.xxxxankltd.com
2018-10-18 11:32:23 INFO [LdapConnection] isGlobalCatalogReady = TRUE
2018-10-18 11:32:23 INFO [LdapConnection] domainFunctionality = 4
Because you are using Microsoft Active Directory LDAP system, did you add this configurations in <DT_HOME>/dtserver.ini :
Thanks for your reply.
Yes our AD server is Microsoft. We have already added config in dtserver.ini file. Please find below screenprint.
Query- Do we need to append at bottom of config or after -Dcom.dynatrace.diagnostics.debugMobileCorrelation=true? Will it make any difference. Thanks
Would like to know when we set userID and select "Use LDAP authentication" why password & "dynatrace community credentials" password are visible with encrypted characters (5 char)? PFB screenprint