LDAP Online / You are not authorized to use this function

Questions about using Windows AD service.
FujitsuSyl
New here
Posts: 2
Joined: Sat Feb 18, 2017 2:07 am
Model: TS-231+/431+/x31P

LDAP Online / You are not authorized to use this function

Postby FujitsuSyl » Sat Feb 18, 2017 2:24 am

Good day.

Got a TS-231 with firmware 4.2.3, and having problems getting it on the domain. If I use "Domain Member" then it DOES join the domain but listing users/groups is very very slow (HOURS!) and is unusable. So I want to use LDAP to make the list of users/groups manageable. But I see "Online / You are not authorized to use this function" on the LDAP configuration page, and domain users/group lists remain empty.

Here is how I have it setup:

Remote LDAP Server
Server Host = DC's ip address
Security = LDAP://
BaseDN,UserDN,GroupDN = ou=My OU,ou=Parent OU,dc=corp,dc=fc,dc=local
RootDN = CN=MyServiceAccount,OU=Corporate,OU=Corporate - Service Accounts,DC=Corp,DC=FC,DC=LOCAL
Password is MyServiceAccount's password.

So BaseDN UserDN and GroupDN all point to a OU which is inside another OU which is at the root of the domain. RootDN appears to be for the account used to query the DC so that is what I put there. Anyone know if we need to surround OU's that have spaces in their names with quotes? (I tried it but no change).

So QNAS says the DC is Online but not quite sure why I am seeing "You are not authorized to use this function."

Please assist.
Thank you much.
Best Regards,

Klokos
Starting out
Posts: 18
Joined: Fri Sep 21, 2012 4:57 am
Model: TS-859U-RP+

Re: LDAP Online / You are not authorized to use this function

Postby Klokos » Mon Mar 13, 2017 5:43 pm

Hello,

Yes, I have been through the same issue.I would suggest this change:

BaseDN: dc=corp,dc=fc,dc=local

This worked in my case:

Screen Shot 2017-03-13 at 10.37.49.png


Anyway... when you get your LDAP connector ONLINE you will find out that no users/groups are listed. There seems to be a bug which I already reported to QNAP.

This is what support sent me:

I dont know. I create ticket for developer. They must check. I have problem too, but i use qts 4.3 beta.
Please must wait.

Pozdrawiam,
Grzegorz Ciesielski
---------------------------
Ticket Details
Ticket ID: ZDL-741-83662
Department: Europe - Central & Eastern Europe, Greece, Russia
You do not have the required permissions to view the files attached to this post.

FujitsuSyl
New here
Posts: 2
Joined: Sat Feb 18, 2017 2:07 am
Model: TS-231+/431+/x31P

Re: LDAP Online / You are not authorized to use this function

Postby FujitsuSyl » Tue Mar 21, 2017 4:49 am

Good day.

Thanks, I got it working with your BaseDN suggestion AND using the DISPLAY NAME for the user, rather than the username! So now I am "Online" but as you say, Users and Groups are not working. I will escalate in my ticket.

Thanks.
Best Regards,

Lumbergh
First post
Posts: 1
Joined: Thu Apr 27, 2017 4:05 am
Model: None

Re: LDAP Online / You are not authorized to use this function

Postby Lumbergh » Thu Apr 27, 2017 4:23 am

Did anything come of this? I have a VioStor that is having issues with both Active Directory and LDAP connectivity.

It will join the domain as well - but unstable (as the OP stated) - and when using LDAP I get it to connect using LDAP settings, but again, no users populate.


Return to “Windows Domain & Active Directory”

Who is online

Users browsing this forum: No registered users and 3 guests