Testing LDAP with the irLDAPTOOL

Testing LDAP with the irLDAPTOOL

Prognosis uses LDAP to collect user data when monitoring Skype for Business systems and can be used as a method of authentication to logging on to the Prognosis Web UI and windows client.

 

If something happens and connectivity is lost to the LDAP server, then that can cause problems with monitoring and authentication to the Prognosis interfaces.  To test this connection, there is a tool that is part of Prognosis called "irldaptool".  It is located in the \Prognosis\Server\x64 folder.

 

The command and options are:

 

\Prognosis\Server\x64>..\irldaptool -i IPAddress -o port -u UserName -p Password -b Base DN -f Filter DN [options]

Where:

               -i      IP Address of LDAP server

               -u      Username of a domain user with access to the LDAP database.  Usually admin type of user

               -p      Password of the aboveuser account

               -b      Base DN of the LDAP environment

               -f      Filter DN

               -o      Port used by LDAP server.  Usually 389, 636 or 3268.  Check with your LDAP administrator

               -s      SASL mode

               -r      Referral OFF

 

An example of  a command where connection test is successful:

C:\Prognosis\Server\x64\..irldaptool -i 192.168.1.200 -o 3268 -u domain\administrator -p password -b DC=DOMAIN,DC=local -f DC=DOMAIN,DC=local

Test Case 1 - No Filter, output all the entries from the base down

------------------------------------------------------------------

The following should show the output of the entities in the local LDAP directory:

Test Case 2 - Only select a particular attribute to return

----------------------------------------------------------

The following should show the only the CN entries in the local LDAP directory:

 

If you have problems with the connection test, there are some different messages.  For a wrong credentials,

 

C:\Prognosis\Server\Configuration>..\irldaptool -i 192.168.1.200 -o 3268 -u domain\administrator -p password -b DC=DOMAIN,DC=local -f DC=DOMAIN,DC=local

Error connecting to the LDAP server.    Invalid credentials

 

If it is a network connectivity or port issue, the following error will be returned.

 

C:\Prognosis\Server\Configuration>..\irldaptool -i 192.168.1.200 -o 3268 -u domain\administrator -p password -b DC=DOMAIN,DC=local -f DC=DOMAIN,DC=local

Error connecting to the LDAP server.    Can't contact LDAP server

 

The error you receive will determine what troubleshooting steps to take.  For networking, make sure there are no firewall rules blocking the port traffic your LDAP server is listening on.  For credentials issues, you would confirm and test the credentials you are using.

Webinar: The Journey to Microsoft Teams - Readiness Phase (part 2)

Having looked at the planning phase in session one of this series, we will turn our focus to the readiness phase. The all important technical capabilities assessment, ensuring the network, endpoints and users are adequately prepared for the move.

Hear first hand from IR's Global Head of Information Systems and Technology, Jason Schwendinger, on how he has been tackling these issues.

Join webinar