Hi all,
This one is driving me barmy. I've created an AD LDS instance that I can connect to using Softerra LDAP browser using both the service account and an active user I've created.
AD LDS is running on Windows 2008 R2, I'm using ADSI EDit version 6.1.7601.17514.
I've added 2 accounts for testing
I've set the password and then set msDS-UserAccountDisabled = FALSE
Testing access to this LDAP instance I'm using Softerra LDAP Browser 4.5 on Windows 7 Professional.
In the Cognos configuration I've added a new Authentication source - LDAP - Default values for Active Directory
Set the Namespace ID, Host and port and Base DN
User Lookup: (uid=${userID})
External identity mapping: ${environment("REMOTE_USER")} (Although I've tried (uid=${environment("REMOTE_USER")}) ...)
I've tried different iterations for External identity mapping
I keep getting prompted for a logon "Testing logging on to "<NamespacID" namespace. I've tried the fully qualified account, single name and domain name but nothing is being accepted and I end up with an error as below.
In Softerra the accounts all allow me to logon and browse the LDAP instance using both the MD5 and GSS authentication methods and are either of the form
domain\<account>
OR
CN=CogTest,OU=Standard Users,OU=User Accounts,DC=Mydomain,DC=com
Cognos LDAP error.
[''Cognos LDS'']
[ ERROR ] CAM-AAA-0146 The namespace 'CognosLDS' is not available.
[ ERROR ] CAM-AAA-0064 The function 'Configure' failed.
[ ERROR ] The user cannot access the application at this time.
[ ERROR ] CAM-AAA-0056 Unable to authenticate.
[ ERROR ] CAM-AAA-0064 The function 'LDAPHandlePool::CreateHandle()' failed.
[ ERROR ] CAM-AAA-0026 The function call to 'ldap_simple_bind_s' failed with error code: '49'
[ ERROR ] Invalid credentials
[''Cognos LDS'']
[ ERROR ] AAA-AUT-0011 Invalid namespace was selected.
What am I missing?
Cheers
AussiePete.