Unable to setup WLC for LDAP

Hi,
I'm trying to set up the WLC for LDAP to authenticate the users. I have all the components required according to Cisco's document: WLC4402, LAP1142N, 2008 AD serving as LDAP.
I'm configuring according to the document and also trying the same settings from other users on this forum who (seem to) have got the WLC-LDAP up and working. My problem is that I'm receiving the below debug message on the controller and there is nothing on the internet on this error:
*LDAP DB Task 1: Apr 28 10:05:35.903: LDAP server 1 changed state to IDLE
*emWeb: Apr 28 10:09:21.046: aaaLdapServerStateSet [1] changed state to 'DISABLED'.
*emWeb: Apr 28 10:09:21.046: aaaLdapServerStateSet [1] changed state to 'ENABLED'.
*LDAP DB Task 1: Apr 28 10:09:21.052: ldapTask [1] received msg 'CLOSE' (4) in state 'IDLE' (1)
*LDAP DB Task 1: Apr 28 10:09:21.055: ldapClose [1] called lcapi_close (rc = 1008 - Invalid client handle)
*LDAP DB Task 1: Apr 28 10:09:21.055: LDAP server 1 changed state to IDLE
I'm getting this error regardless of the authentication type, username and attributes. So it makes me think the WLC is not even trying to bind to LDAP. If the error were invalid credentials or some mismatch, it would give me some information to base my troubleshooting on, but I just can't find information on this (rc = 1008 - Invalid client handle) message.
I appreciate any input you guys have. Also, if you need me to post my config screenshots or anything else, then please let me know.
Thanks,
Delgee

Hi Nicolas,
Thanks for the reply.
I've tried with Softerra LDAP Browser and it is working fine. I can browse everything with the account I'm using for binding.
The funny thing I found out is that the LDAP authentication is actually working: when I try to connect via wireless and enter my AD account on the web auth page, it logs me in. So it is authenticating against LDAP, but why I'm getting this error, I don't know.
Any idea?
Regards,
Delgee

Similar Messages

  • WLC and LDAP Groups

    Is there any way on an LDAP server to create an LDAP group that can be tied to the WLC for LDAP authentication? I have this URL that explains local authentication and LDAP: http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a008093f1b9.shtml . That helps with local authentication, but one thing I don't see is any guidance on how to create a group in a DC to communicate with anything on the WLC. Any ideas?

    You are right. You need a radius server overall that integrates with AD and does AD-to-radius group mapping. This way authentication is allowed/denied from radius, not the WLC itself.
    If the user can get a radius server to achieve this, that will be great (especially if the user is using 802.1x/EAP authentication). If not, what I described about OU mapping is the only solution to get the users classified, as per what I understood from the user's requirements.
    The user is not limited to Microsoft RADIUS (IAS or NPS). Any radius server that supports AD group mapping can be used. With Cisco ACS, for example, this is supported as well. I am not sure if this is also supported with open-source radius (openRadius for example). But if it is, then openRadius can also be used.

  • Unable to Connect, ORA 12154, Setup routine for Microsoft ODBC errors

    Hi all,
    I have a Windows 7 Enterprise 64bit SP1 system and I wanted to be able to connect to an oracle database server. However, I am facing a problem with ODBC configuration.
    I have currently installed both below in ... product\11.2.0\client_1 folder:
    1. Oracle Database 11g Release 2 Client (11.2.0.1.0) for Microsoft Windows (x64) - http://www.oracle.com/technetwork/database/windows/downloads/index-090165.html
    2. 64-bit Oracle Data Access Components (ODAC) - http://www.oracle.com/technetwork/database/windows/downloads/index-090165.html
    I launched ODBC Data Source Administrator and added a User DSN, but it resulted in two errors:
    1. The setup routines for the Microsoft ODBC for oracle ODBC driver could not be found. Please reinstall the driver.
    2. The specified DSN contains an architecture mismatch between the driver and application.
    On top of that, if I go to the System DSN tab and try to test the connection, it gives me an error:
    1. Unable to connect SQLState = 08004 [Oracle][ODBC][Ora]ORA-12154: TNS: Could not resolved the identifier specified.
    Can someone please guide me through this? Thanks in advance!
    Edited by: VTech on Feb 26, 2013 2:13 PM

    VTech wrote:
    Hi all,
    I have a Windows 7 Enterprise 64bit SP1 system and I wanted to be able to connect to an oracle database server. However, I am facing a problem with ODBC configuration.
    I have currently installed both below in ... product\11.2.0\client_1 folder:
    1. Oracle Database 11g Release 2 Client (11.2.0.1.0) for Microsoft Windows (x64) - http://www.oracle.com/technetwork/database/windows/downloads/index-090165.html
    2. 64-bit Oracle Data Access Components (ODAC) - http://www.oracle.com/technetwork/database/windows/downloads/index-090165.html
    You only need one of these (the second one should suffice).
    I launched ODBC Data Source Administrator and added a User DSN, but it resulted in two errors:
    1. The setup routines for the Microsoft ODBC for oracle ODBC driver could not be found. Please reinstall the driver.
    "Microsoft ODBC for Oracle" is a different provider than "Oracle ODBC". Make sure you're not using the Microsoft one.
    2. The specified DSN contains an architecture mismatch between the driver and application.
    This can happen if you're mixing 32-bit and 64-bit. There are two ODBC control panels in Windows 7:
    - the 64 bit one is the one in control panel
    - the 32 bit one is c:\windows\syswow64\odbcad32.exe
    Since you're using a 64 bit Oracle driver, you should be using the 64 bit ODBC administrator, and 64 bit applications. If you're trying to use this ODBC connection with a 32 bit application, you'll need to use the 32 bit ODBC (and the 32 bit Oracle driver).
    On top of that, if I go to the System DSN tab and try to test the connection, it gives me an error:
    1. Unable to connect SQLState = 08004 [Oracle][ODBC][Ora]ORA-12154: TNS: Could not resolved the identifier specified.
    Well, that actually means it's loading Oracle correctly, so that's something. You need to add an entry for the server you want to connect to into tnsnames.ora, located in the \network\admin folder inside of your Oracle client installation. Since it sounds like someone else set up the server you want to connect to, your DBA should be able to provide the information that goes into the file.

  • Module: AppleODClientLDAP - unable to open connection to LDAP server - unable to create connection context

    Hi everybody,
    I'm running into an urgent problem, because binding to my OpenDirectory got lost. I have lots of "Module: AppleODClientLDAP - unable to open connection to LDAP server - unable to create connection context" messages in the system.log and the OD service stopped running. In the OD section no server is listed any longer and all buttons are greyed out. All network users for sure are not available, but all other services are up. I didn't change anything in the existing services but started with the netinstall config. I got the following entries in the system log:
    Jun 19 00:35:30 macminiserver.homenet bootpd[95005]: server name macminiserver.homenet
    Jun 19 00:35:30 macminiserver.homenet bootpd[95005]: interface en0: ip 192.168.0.11 mask 255.255.255.0
    Jun 19 00:35:30 macminiserver.homenet bootpd[95005]: subnets: Failed to convert 'domain_search': Empty array
    Jun 19 00:35:30 macminiserver.homenet bootpd[95005]: bsdpd: re-reading configuration
    Jun 19 00:35:30 macminiserver.homenet bootpd[95005]: bsdpd: shadow file size will be set to 48 megabytes
    Jun 19 00:35:30 macminiserver.homenet bootpd[95005]: bsdpd: age time 00:15:00
    Jun 19 00:35:30 macminiserver.homenet bootpd[95005]: bsdpd: no NetBoot images found
    Jun 19 00:35:30 macminiserver.homenet bootpd[95005]: bootpd: NetBoot service turned off
    Jun 19 00:35:30 macminiserver.homenet bootpd[95005]: DHCP REQUEST [en0]: 1,0:1b:77:36:47:f6 <NB01>
    Jun 19 00:35:30 macminiserver.homenet bootpd[95005]: ACK sent NB01 192.168.0.107 pktsize 304
    Since these log entries appeared, no network users and groups are available anymore. I'm running OS X ML 10.8.3 and DNS is fine.
    Are there any steps to perform to get LDAP working again? With all buttons in the server admin OD section greyed out, I can't even set up a new directory.
    BR
    Jens

    I was able to restore the existing server with the automatic OD backup that Server.app creates. When my OD fails to start after a crash and db_recover commands don't work, it's always worked for me to restore the odmaster from a backup using the command:
    sudo slapconfig -restoredb /private/var/backups/ServerBackup_OpenDirectoryMaster.sparseimage
    I'm careful to keep an independent OD backup with Carbon Copy Cloner and this preflight script.
    You can also grab an earlier version of the sparse image ServerBackup_OpenDirectoryMaster.sparseimage from a Time Machine backup. It's also possible to rsync the database files directory from a Time Machine backup.

  • Error when crawling "Unable to load stemmer for locale 1033. Error code 80040111."

    In the SharePoint Search Service I get the error "MAPI: Logon failed. " in the log and "Unable to load stemmer for locale 1033. Error code 80040111." in ULS.
    The error code 80040111 is indeed related to MAPI, but what about the stemmer?

    Hi,
    For your issue, check your current language settings and ensure that search supports the current language.
    On the SharePoint Server open Registry Editor (Start -> type “Regedit” and hit enter). 
    Point to : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OfficeServer\14.0\Search\Setup\ContentIndexCommon\LanguageResources\Default\English
    Under the registry key for each of the languages there is a value called StemmerDLLPath and WBDLLPathOverride
    Updated the registry entry with NATURA~1.dll to NATURA~2.dll
    Point to Start -> Administrative Tools -> Services, right click on SharePoint Server Search 14 and click on Restart.
    Performed a Full Crawl and wait for the Full Crawl to complete and try searching again.
    For more detailed information, refer to the following blogs:
    http://blog.ithinksharepoint.com/2008/04/20/a-word-breaker-was-not-found-for-the-given-language-error-when-crawling-content/
    http://www.sharepoint2013.me/Blog/Post/175/Word-breakers-in-SharePoint-2013
    Best Regards,
    Lisa Chen
    TechNet Community Support

  • WLC 5508 LDAP Windows 2008 Server - auth based on AD groups

    Hi NG,
    I'm trying to web-authenticate my WiFi users of a WLC 5508 against LDAP.
    Thereby I'm trying to authenticate all users within a GROUP, not an OU, within the MS Active Directory based upon a Windows 2008 Server.
    I can authenticate against a user which is being put into an OU, according to examples based here: https://www.cisco.com/en/US/products/ps6366/prod_configuration_examples_list.html
    Checking based upon users within OUs works fine.
    But I have not got all of those users within one single OU!
    Need help for the following: LDAP-Auth based on AD Groups:
    Using:
    MS-Domain:                          MY-DOMAIN.CH
    AD-GROUP:                          VPN-USERS
    AD-Structure:
    MY-DOMAIN.CH
    |
    GROUPS
            |
        Administrative Groups
                          |
                     VPN-USERS
                              (-> Member of this Groups (Wireless1, Wirless2, ...)
    Server Address:              IP.IP.IP.IP
    Port:                                 389
    Enable Server Stats      YES
    Simple Bind                    Authenticated
    Bind Username              LDAP-USER
    Bind Password               supersecret
    Bind Passw. confirm      supersecret
    User Base DN:               ?-1-?
    User Attribute:                ?-2-?
    User Object Type:          Person
    Server Timeout               2
    What happens, for instance, if I put a GROUP within a GROUP regarding the LDAP authentication?
    I guess I have to authenticate against the "upper" GROUP, or do I have to create an entry on the WLC for every GROUP I'm questioning?
    Could someone provide me with an example, since I have not found documentation regarding this topic?
    Thank you.

    Hi,
    User Base DN : this is in case you want to restrict the search area. If you put "dc=mydomain,dc=CH", you will search your whole AD. Depending on the size, it can be slow ...
    Remember that the User Base DN is also used for the admin user.
    In conclusion, User Base DN should be the most restrictive path that leads to both the admins and the users you want to authenticate.
    Example :
    OU=Employees,OU=Humans,DC=Mydomain,DC=CH
    This would prevent searching in machines or any assets. This implies that the admin you bind with is an employee and you are only authenticating employees. You can have any number of OUs under employees, it doesn't matter.
    Attribute : This is the object attribute that the WLC uses to compare with the user name. In general, you would go with sAMAccountName in AD. CN would be another common example for LDAP databases.
    If what you are looking for is to restrict access and only authenticate people who belong to a certain group, then you need a radius server like ACS.
    That server will be able to make selections and check the "memberOf" attribute to make sure it is in a certain group.
    Nicolas
    ===
    Don't forget to rate answers that you find useful
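
The base DN, attribute and object type settings described in the answer above, as an added example (not from the original posts and not Cisco or Microsoft code). It builds the search a client would issue for a login, escapes the typed username per RFC 4515, tests whether an entry falls under the User Base DN, and builds the memberOf filter a RADIUS back end could use for group checks. The function names, the filter shape and the sample DNs are assumptions; the nested-group matching rule is an Active Directory feature not mentioned in the thread.

```python
# Added illustration: how User Base DN, User Attribute and User Object Type
# combine into one LDAP search. The exact filter the WLC sends is not shown in
# the thread; the shape used here is an assumption.

# RFC 4515: these characters must be written as \XX inside a filter value.
_FILTER_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

# Active Directory matching rule LDAP_MATCHING_RULE_IN_CHAIN (follows nested groups).
AD_IN_CHAIN = "1.2.840.113556.1.4.1941"


def escape_filter_value(value):
    """Neutralise filter metacharacters in text typed on the login page."""
    return "".join(_FILTER_ESCAPES.get(ch, ch) for ch in value)


def user_search(base_dn, user_attribute, object_type, typed_username):
    """Return (base, scope, filter) for locating one user entry under base_dn."""
    flt = "(&(objectClass={})({}={}))".format(
        object_type, user_attribute, escape_filter_value(typed_username))
    return base_dn, "subtree", flt


def group_member_filter(user_attribute, typed_username, group_dn, nested=True):
    """Filter matching the user only if it is a member of group_dn.

    nested=True uses the AD in-chain rule so membership through a group
    inside the group also matches; nested=False checks direct membership.
    """
    rule = ":{}:".format(AD_IN_CHAIN) if nested else ""
    return "(&({}={})(memberOf{}={}))".format(
        user_attribute, escape_filter_value(typed_username),
        rule, escape_filter_value(group_dn))


def _norm_rdn(rdn):
    # Simplification: treat attribute names and values as case-insensitive.
    attr, _, value = rdn.partition("=")
    return attr.strip().lower() + "=" + value.strip().lower()


def split_dn(dn):
    """Split a DN into RDNs on unescaped commas (no quoted or hex-encoded values)."""
    parts, cur, i = [], [], 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            cur.append(dn[i:i + 2])  # keep the escaped pair inside this RDN
            i += 2
            continue
        if dn[i] == ",":
            parts.append("".join(cur))
            cur = []
        else:
            cur.append(dn[i])
        i += 1
    parts.append("".join(cur))
    return [_norm_rdn(p) for p in parts]


def in_search_scope(entry_dn, base_dn):
    """True if entry_dn is at or below base_dn, compared RDN by RDN."""
    entry, base = split_dn(entry_dn), split_dn(base_dn)
    return len(entry) >= len(base) and entry[len(entry) - len(base):] == base


if __name__ == "__main__":
    base = "OU=Employees,OU=Humans,DC=Mydomain,DC=CH"  # base DN from the answer
    # Constructed sample entries: a user under the base, a bind account outside it.
    for dn in ("CN=Alice,OU=Sales,OU=Employees,OU=Humans,DC=mydomain,DC=ch",
               "CN=LDAP-USER,OU=Service Accounts,DC=mydomain,DC=ch"):
        print(dn, "->", in_search_scope(dn, base))
    print(user_search(base, "sAMAccountName", "Person", "jdoe"))
    print(group_member_filter("sAMAccountName", "jdoe",
                              "CN=VPN-USERS,OU=GROUPS,DC=mydomain,DC=ch"))
```

The second sample entry shows the point made in the answer: a bind account that sits outside the User Base DN is not found by a search rooted there.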

  • I have a sync account and used to keep sync with firefox server. Now computer got re-installed and want to sync data from firefox sync server. But I am unable to setup as i dont have sync key.

    I have a sync account and used to keep sync with the Firefox server. Now the computer got re-installed (OS) and I want to sync data from the Firefox sync server. But I am unable to set it up as I don't have the sync key.
    I would like to just sync with the Firefox Sync Server with my existing account. I cannot find any way out for this. Please reply to me on
    [email protected]

    hello, for the old sync system in firefox 28 and below you also had to sign up with a mail address and password originally - to connect firefox to the old account you would need to have all those three pieces (mail, password & recovery key) available to you unfortunately...

  • I am unable to setup facetime and imessages on my mobile no.

    Hi! I have an iPhone 5 16GB. I am unable to set up FaceTime and iMessage on my mobile no. Every time I sign in using my Apple ID, it only uses the email ID for send & receive. I have created a new Apple ID too but am still facing the same problem. I have tried it many times, but now it has been a month. I am helpless. Please provide me the solution.

    Hi pbatta,
    Welcome to the Support Communities!
    The article below may be able to help you with this issue.
    Click on the link to see more details and screenshots. 
    Link your phone number and Apple ID for use with FaceTime and iMessage
    http://support.apple.com/kb/HT5538
     iOS: Troubleshooting Messages
    http://support.apple.com/kb/TS2755
    Cheers,
    - Judy

  • 8.1.7 install error: Unable to Setup Inventory

    I have a problem with the installation of 8i 8.1.7.
    After the first Welcome, and the second Source and Destine, the next window doesn't appear. The message "Unable to Setup Inventory, You may no have proper permissions" is displayed.
    Oracle 8.1.7, for AIX 4.3.3

    I've run into this when I had 2 Oracle homes (each with a different user -- oracle & ias, but the same group -- oinstall). It was a permission problem.
    I'd check 2 things. First, that the ownership is correct. If not, fix by something along the lines of chown -R oracle.oinstall $ORACLE_HOME/oraInventory. Second, make sure the permissions are right on the directory. For the oraInventory directory, I usually do chmod -R 775 oraInventory (you could get away with a 755 as long as you only have one owner for the system, which sounds like the case -- I use the 775 because of the two owner issue I mentioned before). That should do it.

  • Unable to retrieve settings for this user

    Just setting up my new Mac mini server for the first time. It is updated to Mountain Lion. Set up a local network user account with the account name the same as the local short names on other Macs (same on all of my machines). Then used System Prefs > Mail, Contacts, and Calendars.... to add a server account. Used the exact same account info as on the server (had both open to view).
    Get the message: "unable to retrieve settings for this user"
    Turned off firewalls... still no change.
    Did search for this problem.... no real helpful responses.
    Thought I was following all the basic steps to add a local network user. What am I missing?
    Thanks

    This message gets thrown if no services are enabled that the wizard wants.  Enable calendar, contacts, email, etc and it will connect.  This threw me off until I turned on the contact server for the heck of it and it started working.

  • Unable to setup multiple email accounts

    Please help me!!!
    I don't know how this happened but I was unable to see my email icons (3) on my home page today. I tried to redo my email setup but I kept getting the setup option for BlackBerry Enterprise Server, which I didn't have in the first place.
    I just wanted to restore my personal accounts. After lots of searching up and down, I finally logged on to my provider's BIS site and managed to set up ONE account. On clicking the next option for adding an extra account, I got the @blackberry.com option, which I don't want/need. Tried to set up a third one but was told I have set up the maximum number.
    I rebooted my phone and my email icons did appear, thankfully.
    My question is, how do I set up an additional email account now that I got my icons back? The email setup option is still asking about BlackBerry Enterprise Server.
    Please help............

    Mine did that and I just turned my data on and it worked

  • On an M425dn, I am unable to setup scan to network folder on a home wireless network

    On an M425dn MFP, I am unable to setup 'Scan to Network Folder' on a home wireless network. The network folder exists and has been set to share with full permissions for everyone. The OS is Windows 7. The printer IP address is 192.168.1.104. I have used this in a browser to access the setup tab called Scan. I have established a network folder and have attempted to test the setup folder multiple times. The tests end in one of two ways. The attempt spins endlessly which requires a cancel action or it ends with the following error: "Cannot connect to the network folder. Ensure the shared folder name is correct." The network folder does indeed exist.
    The computer name is Delta. The shared folder name is Images on my A: drive.
    So the network path entered is \\DELTA\Images. By the way, printing to this network printer is always a successful operation. Any guidance to solving this dilemma will be greatly appreciated. Thanks in advance.

    Google may have "locked" IMAP and/or POP access to your account. To unlock it go here:
    https://accounts.google.com/b/0/DisplayUnlockCaptcha
    Then try setting the account up on the phone again.

  • Unable to locate message file: ldap language .ms

    Hi,
    I have OAS10.1.2.0.2 installed on RHEL4.
    I somehow locked the orcladmin account, so I am not able to log on to SSO.
    I tried the following:
    I went to the oidpasswd tool directory and executed the following
    [orace@... bin]$ oidpasswd connect=orcladmin unlock_su_acct=TRUE
    but I keep getting the following error:
    "unable to locate message file: ldap<language>.ms"
    What should I do to fix this error?
    Someone please guide me.
    Thanks,
    Philip.

    Thanks for the reply.
    This is what I did.
    I have 2 disks in my RHEL box.
    I have 3 directories
    /home/oracle where i have my user "oracle" account
    and then i installed OAS on the following directories
    infrastructure - /ora2/AS101202infra
    midtier - /ora2/AS101202BI
    now this is how my /home/oracle/.bash_profile file looks like
    ------ .bash_profile------------
    # Get the aliases and functions
    if [ -f ~/.bashrc ]; then
    . ~/.bashrc
    fi
    # User specific environment and startup programs
    ORACLE_HOME=/ora2/oracle/AS101202infra; export ORACLE_HOME
    LD_LIBRARY_PATH=$ORACLE_HOME/lib:/lib:/usr/local/bin;
    export $LD_LIBRARY_PATH
    ORACLE_SID=asdb; export ORACLE_SID
    PATH=/bin:/usr/bin:/usr/local/bin:/usr/bin/X11:/usr/X11R6/bin:$ORACLE_HOME/bin:$ORACLE_HOME/opmn/bin:$ORACLE_HOME/ldap/mesg
    export PATH
    ORG_PATH=$PATH
    export ORG_PATH
    unset USERNAME
    But when I run sqlplus or any other command, I get an error saying set your ORACLE_HOME to the Oracle software directory.
    Also, when I open a terminal and type in "su - oracle"
    I get the following error
    -bash: export: '/ora2/AS101202infra/lib:/lib:/usr/local/bin': not a valid identifier
    Check whether $ORACLE_HOME/bin/ldapbind exists
    Yes ldapbind exists
    Does $ORACLE_HOME/ocommon/nls/admin/data/lx1boot.nlb exist, and is it readable?
    I don't see any folder called "ocommon"
    Is the output of
    % type ldapbind
    $ORACLE_HOME/bin/ldapbind?
    I typed in
    [[email protected]]ldapbind
    and I got the result
    "bind successful"
    I don't get any message like " $ORACLE_HOME/bin/ldapbind"
    Philip.

  • Unable To Setup Call Forwarding - Receive Message ...

    Unable To Setup Call Forwarding - Receive Message "oops the server is not responding"
    have tried 3 different web browsers, chrome, ie and firefox and also tried our 3 outgoing internet lines all with different suppliers but when I go to add a call forwarding number it does nothing and I get the "oops" message.
    What's going on here, I need this urgently for business!

    for the call forwarding you need balance in your account and you can forward from the web browser or sky msn option also if need assistance you can connect with us

  • Unable to Setup Gmail A/c

    Hi, I am unable to set up my 2 Gmail a/c.
    It gives an error ( action required, update IMAP setting in your gmail a/c )
    where IMAP & POP are already active
    my ID is
    kindly provide a solution

    Thank you. Please review the various causes/solutions in this KB:
    KB20354 Unable to receive email messages from a Google Mail IMAP integration on a BlackBerry smartphone
    Occam's Razor nearly always applies when troubleshooting technology issues!
