I had Chef Manage working with LDAP (MS Server 2012 R2) and now it can no longer find any users. I have executed an ldapsearch and this returns exactly what I expect, with a result success of 0.
Where are the logs for the LDAP mechanism so I can see what Chef thinks is actually going on?
Here is the LDAP search and subsequent return (No data obfuscation as this is a test system):
```
ldapsearch -x -h 192.168.5.10 -b 'OU=Chef Users,DC=sv,DC=local' "(objectClass=user)" saMaccountname, mail -D 'firstname.lastname@example.org' -w 'Sysadm1n'
# extended LDIF
#
# LDAPv3
# base <OU=Chef Users,DC=sv,DC=local> with scope subtree
# filter: (objectClass=user)
# requesting: saMaccountname, mail
#

# Sean Vucich, Chef Users, sv.local
dn: CN=Sean Vucich,OU=Chef Users,DC=sv,DC=local
mail: email@example.com

# Ross Taylor, Chef Users, sv.local
dn: CN=Ross Taylor,OU=Chef Users,DC=sv,DC=local
mail: firstname.lastname@example.org

# Sean A. Vucich, Chef Users, sv.local
dn: CN=Sean A. Vucich,OU=Chef Users,DC=sv,DC=local

# chef user, Chef Users, sv.local
dn: CN=chef user,OU=Chef Users,DC=sv,DC=local
mail: email@example.com

# search result
search: 2
result: 0 Success

# numResponses: 5
# numEntries: 4
```
Here is my (previously) working LDAP config, that incidentally works with 1 user, but not any others.
```
ldap['base_dn'] = 'OU=Chef Users,DC=sv,DC=local'
ldap['bind_dn'] = 'firstname.lastname@example.org'
ldap['bind_password'] = 'Sysadm1n'
ldap['group_dn'] = 'CN=Chef Logon,OU=Groups,DC=sv,DC=local'
ldap['host'] = '192.168.5.10'
ldap['login_attribute'] = 'sAMAccountName'
ldap['port'] = '389'
ldap['system_adjective'] = 'LDAP-Authentication'
ldap['ldap_timeout'] = 300
```
Here is what I get now, when inviting a user to the system: