6 Replies Latest reply on Oct 10, 2012 8:39 AM by Domenico NameToUpdate

    Bladelogic Authentication via LDAP

      Hi all,


      I am noticing a lot of trouble trying to integrate my Bladelogic Authentication Server with a  of LDAP Server.


      Mainly I have followed all the steps of the BL Admin Guide, but maybe I am missing some pieces for the certificate stuff.


      Mainly I have:


      1. Set the LDAP server in set Ldap LdapServerURLs: now I have set up --> server.domain:389 (should I also put ftp:// ???)
      2. Set Ldap ConnectionTimeoutMs to 10000 ms (10 sec.)
      3. Set up a trust store:
        1. I have all the certificates that the VM currently uses to talk with LDAP in the folder /etc/ssl (.pem format)
        2. I have used the blcred cert -import /etc/ssl/<certname.pem> command for all of the certificates of point 3.1
        3. To identify the correct truststore (command set Ldap TrustStore), which file should I point to? I put one of the certs under /etc/ssl/, is it correct???
      4. Set Ldap IsHostValidationEnabled to false in order not to have additional checks to do (I don't care at the moment about having host validation!)
      5. Set in AuthServer LdapUserDnTemplate --> CN={0},OU=people,OU=group,DC=domain,DC=com
      6. Set AuthServer IsLdapAuthEnabled true
      7. Configured a LDAP Auth. User on RBAC Database inside Bladelogic
      8. Configured an LDAP Auth. for Bladelogic Client


      after restarting Bladelogic, I always got the following error when I try to connect an LDAP user to the server:



      Path does not chain with any of the trust anchors.

      Could not validate the user xxxx

      Cannot establish a TLS connection with ldap://avoldlbs.dc-ratingen.de:389. Most likely cause is failed certificate validation.


      What is the problem? Can you kindly help?
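
The "Path does not chain with any of the trust anchors" condition from the post above, reproduced offline with OpenSSL as an added example (not part of the original post and not BladeLogic tooling). It generates throwaway CAs and a server certificate, then checks which PEM files actually anchor that certificate; the helper names and the names ldap-ca, other-ca and ldap-server are assumptions made for the demo.

```shell
#!/bin/sh
# Constructed demo: every key and certificate below is a throwaway file
# generated locally; nothing here talks to a real LDAP server.

# make_ca DIR NAME: create a self-signed CA (NAME.key / NAME.pem) in DIR.
make_ca() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=$2" -keyout "$1/$2.key" -out "$1/$2.pem" 2>/dev/null
}

# make_leaf DIR CA_NAME LEAF_NAME: issue a server certificate signed by CA_NAME.
make_leaf() {
    openssl req -newkey rsa:2048 -nodes -subj "/CN=$3" \
        -keyout "$1/$3.key" -out "$1/$3.csr" 2>/dev/null &&
    openssl x509 -req -in "$1/$3.csr" -days 1 \
        -CA "$1/$2.pem" -CAkey "$1/$2.key" -CAcreateserial \
        -out "$1/$3.pem" 2>/dev/null
}

# chains_to_anchor TRUST_PEM LEAF_PEM: exit 0 if OpenSSL can build a chain
# from LEAF_PEM to a CA in TRUST_PEM (the OpenSSL default store is also
# consulted, but the constructed CAs are never in it).
chains_to_anchor() {
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

# demo: test one server certificate against the right and the wrong CA file.
demo() {
    d=$(mktemp -d) || return 1
    make_ca "$d" ldap-ca && make_ca "$d" other-ca &&
    make_leaf "$d" ldap-ca ldap-server || { rm -rf "$d"; return 1; }
    for store in ldap-ca other-ca; do
        if chains_to_anchor "$d/$store.pem" "$d/ldap-server.pem"; then
            echo "$store.pem: chain OK"
        else
            echo "$store.pem: does not chain to this trust anchor"
        fi
    done
    rm -rf "$d"
}

demo
```

The same chains_to_anchor check can be run with each PEM file under /etc/ssl as the first argument and the LDAP server's own certificate, saved to a file, as the second.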