I've got a Netscreen 50 running firmware version 5.3.0r3.0 (Firewall+VPN).
I've been trying to get all of my systems sync'ing with my Active Directory (Windows Server 2008) for all users/passwords. I've done this with other applications using the LDAP of the Active Directory. I can successfully connect to my LDAP with an LDAP browser and my other applications. These successful applications require that I put the domain name in front of the username. My example is domain "SAF" and user tjohnston, so these settings connect successfully with "SAF\tjohnston" and the password.
When I try the same settings in the Netscreen I get log entry:
User SAF johnston at 10.100.1.223 has been rejected via the LDAP server at 10.6.31.164 (which is the IP of my client, and LDAP server)
In this example it's interpreting the '\t' in my username as a tab. I've tried putting 2 slashes ("SAF\\tjohnston"), but even though the Netscreen reports the correct username (SAF\tjohnston), it still says it's denied by the LDAP, despite the fact that I can copy and paste the DN from the firewall into my LDAP browser and can connect.
Is there some way to get the Netscreen to put the domain in front of all of my Users' names? Is there something I'm missing? Why would the settings that work with my LDAP browser not work with the Netscreen?
Thanks,
Tommy
Message Edited by Tjohnston on 09-21-2009 10:44 AM
#ldap#authentication