Unable to log into NMC with AD/LDAP account

@le0pard , Can you provide a little more information related to the error? Refer to the file \nsr\authc\authc-server.log on the server configured as authc server for the NMC. Also from the same server try
nsrlogin -H -d -u

Hi crazyrov, thanks for your input.

My authc-server.log (in nsr\authc-server\tomcat\logs) is empty, 0 bytes.

If I attempt to login using nsrlogin all I get is a message:
117849:nsrlogin: Authentication library error: Authentication service is unavailable.

The Domain Controller is available on port 389.

authc_config lists the ldap server on port 389, not 686. Not sure where to look next.

You dont have the authc service running on whichever system you had designated as the authc server. Please check which is the authc server that you had configured with the NMC and then check the logs on that server.

Trying again today and it seems as if there is an ssl issue. When I am trying to do the last step in https://www.dell.com/support/kbdoc/en-uk/000192505/gstd-nsr-error-78-unable-to-login-verify-that-the-authentication-service-on-s-is-running:

authc_config -u Administrator -e update-config -D config-id=2 -D config-active-directory=y -D config-user-dn-password=
Enter password:

I get an error, but the long and the short of it is: "The server requires binds to turn on integrity checking if SSL\TLS are not already active on the connection".

The config was originally done with port 389 and then the policy was enforced. I can't update the policy using the GUI,  so I'm guessing I may need to delete it somehow and reconfigure using 686. Have to see if I can find out how to delete the config now, as I can't "update" it, because I get a bind error, because the connection is not SSL\TLS!

You could just create a new configuration and see if that works.

Back to this again and still pulling my hair out! If I set the server type as LDAP over SSL I can authenticate and it says "Authentication Authority Provider was successfully modified". However, if I put the DN of my user in the console application administrator group it just tells me "Could not authenticate using this username, try again"

If I try to set up Active Directory authentication I get an error "PUT failed with HTTP_ERROR:400, Server message: could not parse server response from json string.

I can use LDP.exe to bind and connect to port 636 and query Active Directory, so I have no clue what's going on!

Here's another thing - when I use authc_mgmt and query-ldap-users or query-ldap-groups, it finds them all without any issues, but if I try query-ldap-groups-for-user, it says 404, user does not exist.

... and how do I delete a config?

you mean you can't access https://www.dell.com/support/kbdoc/en-us/000020799/networker-networker-9-how-to-configure-ldaps-authentication or rather the KB number mentioned in the provided pdf from Dell? Does that have a KB article number?

I can access KB 20799 without any issue myself...