Welcome to ISAserver.org
Troubleshooting LDAP connection
Troubleshooting LDAP connection - 14.Aug.2006 4:26:29 PM
sanderl
Posts: 9
Joined: 14.Aug.2006
Status: offline
I hope I'm just missing something simple, but this is killing me. For a week I've been trying to get a working LDAP connection between my Windows 2003 AD and my 3rd party spam filtering service. It seems simple enough. Make a rule and point it to a DC and open port 389. I keep getting denied by the default rule and I can't figure out why.
RE: Troubleshooting LDAP connection - 16.Aug.2006 3:17:53 PM
sanderl
Action: Allow; From: External; To: 192.168.203.89 (my DC); Protocols: LDAP, LDAP (UDP), LDAP GC, LDAPS, LDAPS GC; Users: All users
RE: Troubleshooting LDAP connection - 17.Aug.2006 3:17:23 PM
sanderl
Guess I don't know what you really want to know, but my rule is a route between External and my DC.
RE: Troubleshooting LDAP connection - 21.Aug.2006 5:05:00 PM
tshinder
Posts: 47659
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Sanderl, OK, that's what I needed to know. If you have a Route Network Rule connecting the external to DMZ, then it should work. However, you'll need public addresses on the DMZ to pass the connections. What protocols are you trying to pass between the external and DMZ networks? Thanks! Tom
_____________________________
Thomas W Shinder, M.D. Sr. Consultant/Technical Writer Prowess Consulting http://www.prowessconsulting.com/ Blog: http://blogs.isaserver.org/shinder/ GET THE NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8
RE: Troubleshooting LDAP connection - 28.Aug.2006 8:21:51 PM
sanderl
Just regular LDAP. But I've added all of the different types of LDAP to the rule, just to see if it would work.
RE: Troubleshooting LDAP connection - 1.Sep.2006 1:43:11 PM
tshinder
OK, what evidence do you have that the protocols are being blocked? Evidence would be in the form of log files and network traces showing the packets being blocked. Tom
RE: Troubleshooting LDAP connection - 1.Sep.2006 3:39:57 PM
sanderl
9/1/2006 8:36:33AM 65.71.xxx.xxx 389 LDAP Denied Connection Default Rule 69.20.58.234 External Local Host
RE: Troubleshooting LDAP connection - 5.Sep.2006 4:21:18 PM
sanderl
No, my ISA server is in my domain. I did it that way because I thought that was how it was supposed to be set up. How should I have the rule?
RE: Troubleshooting LDAP connection - 20.Nov.2006 8:49:43 AM
jpv
Posts: 3
Joined: 23.Oct.2006
Status: offline
Hi, I am having a similar problem, but my domain controller is installed on the ISA 2006 server due to hardware restrictions. (This is a 3rd tier firewall, mainly responsible for user authentication.) I can successfully publish a website using ISA forms pre-authentication. When I try to change a user's password I get an error stating that there was a server problem. The ISA log shows an LDAPS protocol with "Denied Connection" but with no rule associated. Is it possible to run a DC on an ISA and let the ISA be a member of this DC's domain? Thanks for any help.