Solved

LDAP for Role-Based Access not working

  • November 12, 2024
  • 3 replies
  • 162 views


Can BeyondInsight support LDAP for Role-Based Access? We are unable to sync users once we have configured LDAP for authentication. We tried adding users through LDAP in users and trying to authenticate; it does not work as well. Any guides or suggestions would be a great help.

Best answer by jchandler


3 replies

  • BeyondTrust Employee
  • November 14, 2024

Hello,

Have a look at this doc to create an LDAP directory credential.

How to Create and Edit Directory Credentials in BeyondInsight

Then follow this doc to add your LDAP group.

Add an LDAP Group in BeyondInsight


  • Author
  • Trailblazer
  • November 14, 2024

Thank you @jchandler, I went through those documents and configured. We are unable to get the users synced into the group.


  • BeyondTrust Employee
  • Answer
  • November 14, 2024

Hello,

You may want to validate that the bind account configured is able to log in to your LDAP server.

On a Windows Server, open ldp.exe.
Click Connection | Connect, specify the server name and port, and click OK.
Click Connection | Bind.
Choose simple bind, enter your bind account name and password, and click OK.

Some LDAP servers may need the DN to log in: “cn=user,dc=domain,dc=com”

Others will take a simple username.

Use the same name format in BI that works with ldp.exe.

Also, if you check the logs on your appliance, you may get more details on the cause of the issue.

Errors relating to a directory sync should be found here on your U3 appliance.

C:\Program Files\BeyondTrust\BeyondInsight Gateway Services\DirectoryServices\logs
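
A scripted equivalent of the ldp.exe simple-bind check described in the answer above, as an added example that is not part of the original thread or of BeyondTrust's documentation. It tries the DN form and the simple username form and reports which one the server accepts; the server name `ldap.example.com`, the account `svc-bi` and the function name `Test-LdapSimpleBind` are placeholders chosen for illustration.

```powershell
# Added example: test an LDAP simple bind with each candidate name format.
# Server, port and account names are placeholders (assumptions), not values from the thread.
Add-Type -AssemblyName System.DirectoryServices.Protocols

function Test-LdapSimpleBind {
    param(
        [Parameter(Mandatory)] [string] $Server,
        [Parameter(Mandatory)] [string] $BindName,
        [Parameter(Mandatory)] [securestring] $Password,
        [int]  $Port   = 636,    # LDAPS; a simple bind over plain 389 sends the password in cleartext
        [bool] $UseSsl = $true
    )
    $id   = New-Object System.DirectoryServices.Protocols.LdapDirectoryIdentifier($Server, $Port)
    $conn = New-Object System.DirectoryServices.Protocols.LdapConnection($id)
    $conn.AuthType = [System.DirectoryServices.Protocols.AuthType]::Basic   # Basic = simple bind
    $conn.SessionOptions.ProtocolVersion   = 3
    $conn.SessionOptions.SecureSocketLayer = $UseSsl
    $conn.Timeout = [TimeSpan]::FromSeconds(10)
    $cred = New-Object System.Net.NetworkCredential($BindName, $Password)
    try {
        $conn.Bind($cred)
        [pscustomobject]@{ BindName = $BindName; Success = $true; Code = 0; Detail = 'bind succeeded' }
    }
    catch {
        # Unwrap to the underlying LdapException. Common result codes:
        # 49 = invalid credentials (wrong password or wrong name format), 81 = server unreachable.
        $ex = $_.Exception.GetBaseException()
        [pscustomobject]@{
            BindName = $BindName
            Success  = $false
            Code     = $ex.ErrorCode
            Detail   = ("{0} {1}" -f $ex.Message, $ex.ServerErrorMessage).Trim()
        }
    }
    finally { $conn.Dispose() }
}

# Prompt for the password so it does not end up in the script or command history.
$pw = Read-Host -AsSecureString 'Bind account password'
$candidates = 'cn=svc-bi,dc=example,dc=com', 'svc-bi'   # DN form, then simple username
$candidates | ForEach-Object {
    Test-LdapSimpleBind -Server 'ldap.example.com' -BindName $_ -Password $pw
} | Format-Table -AutoSize
```

Whichever name format returns `Success = True` is the one to enter for the directory credential in BeyondInsight; a code of 49 for both formats points at the password or account state rather than the name format.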