cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Testing LDAP with the irLDAPTOOL

Scot_Clark
Sage
Sage
‎11-01-2019 03:50 PM
‎11-01-2019 03:50 PM

Testing LDAP with the irLDAPTOOL

Prognosis uses LDAP to collect user data when monitoring Skype for Business systems and can be used as a method of authentication to logging on to the Prognosis Web UI and windows client.

 

If something happens and connectivity is lost to the LDAP server, then that can cause problems with monitoring and authentication to the Prognosis interfaces.  To test this connection, there is a tool that is part of Prognosis called "irldaptool".  It is located in the \Prognosis\Server\x64 folder.

 

The command and options are:

 

\Prognosis\Server\x64>..\irldaptool -i IPAddress -o port -u UserName -p Password -b Base DN -f Filter DN [options]

Where:

               -i      IP Address of LDAP server

               -u      Username of a domain user with access to the LDAP database.  Usually admin type of user

               -p      Password of the aboveuser account

               -b      Base DN of the LDAP environment

               -f      Filter DN

               -o      Port used by LDAP server.  Usually 389, 636 or 3268.  Check with your LDAP administrator

               -s      SASL mode

               -r      Referral OFF

 

An example of  a command where connection test is successful:

C:\Prognosis\Server\x64\..irldaptool -i 192.168.1.200 -o 3268 -u domain\administrator -p password -b DC=DOMAIN,DC=local -f DC=DOMAIN,DC=local

Test Case 1 - No Filter, output all the entries from the base down

------------------------------------------------------------------

The following should show the output of the entities in the local LDAP directory:

Test Case 2 - Only select a particular attribute to return

----------------------------------------------------------

The following should show the only the CN entries in the local LDAP directory:

 

If you have problems with the connection test, there are some different messages.  For a wrong credentials,

 

C:\Prognosis\Server\Configuration>..\irldaptool -i 192.168.1.200 -o 3268 -u domain\administrator -p password -b DC=DOMAIN,DC=local -f DC=DOMAIN,DC=local

Error connecting to the LDAP server.    Invalid credentials

 

If it is a network connectivity or port issue, the following error will be returned.

 

C:\Prognosis\Server\Configuration>..\irldaptool -i 192.168.1.200 -o 3268 -u domain\administrator -p password -b DC=DOMAIN,DC=local -f DC=DOMAIN,DC=local

Error connecting to the LDAP server.    Can't contact LDAP server

 

The error you receive will determine what troubleshooting steps to take.  For networking, make sure there are no firewall rules blocking the port traffic your LDAP server is listening on.  For credentials issues, you would confirm and test the credentials you are using.

0 Likes
Reply

IR Forums

 General Collaborate Transact & Infrastructure COVID-19 Updates IR Connect