iDRAC6 LDAP ERROR

Hi Rick3289,

      Which LDAP server are you using (E.g. Open LDAP, OpenDS Erc.)? When you specified role group did you specified group name or Distinguished Name for Group

as for LDAP server make i will try and find out. I entered the group name like below:

cn=xxx,ou=xxx,ou=xxx,ou=xxx,dc=xxx,dc=net

Our LDAP server is Novel eDirectory 8.8.6.5 Running on RedHat Enterprise. I entered the group name like below and set the permissions ro administrator on the iDRAC6

cn=xxx,ou=xxx,ou=xxx,ou=xxx,dc=xxx,dc=net

I had the same symptoms but found the fix for it.  You may be having the same issue as me.

In my case the bind DN had full access to the member attributes of the group associated with a role.  However, iDRAC6 checks membership in the group using the login user's DN, and in my case that user did not have access to the member attributes of the group.  I was able to find this information by manually running the appropriate ldapsearch command.

My fix was to switch to using the memberUid attribute (which uses usernames instead of full DN), since the login user does have access to that attribute.  Perhaps this is an oversight of the LDAP administrators, but it works for now.  The only alternative I see would be to get the LDAP administrators to grant access to the member attribute to users who might be logging in to iDRAC.

Hi @sduckwo

Could you please share the method you have used to resolve the issue ?

(Which field and what value)

thanks in advance