AD Authentication: Invalid DN syntax
Hello.
Just update to 1.20 firmware to enable AD authentication.
The firewall FLEX500H is allready joined to AD and I can see it as Computer in Active Directory users and computers.
When I try to test the configuration I get the error "Invalid DN syntax".
What's wrong?
thank you
Accepted Solution
-
Solved!
You have to be shure that user's distinguishedName is shorter than 63 char.
If not it will fails.
You can check user's distinguishedName in user advanced attributes in Active Directory User And Computer enabling "Advanced Features".
0
All Replies
-
any advise?
0 -
Please check on Advanced Settings, I suspect that you input the wrong information to Group Membership Attribute or something else.
0 -
this?
I left the default values
0 -
Hello,
I have the same problem leaving the default values in advanced, the AD I want to connect to is Windows 2019
0 -
mine is 2016.
I think the problem is this firewall (too young), not server OS.
Let's see if ZyXEL can fix it.
0 -
Solved!
You have to be shure that user's distinguishedName is shorter than 63 char.
If not it will fails.
You can check user's distinguishedName in user advanced attributes in Active Directory User And Computer enabling "Advanced Features".
0 -
Hello,
It doesn't work for me, user's distinguishedName is shorter than 63 char and same error Invalid DN syntax
0 -
Test is the user account with administration rights used to join the domain and used to query the DC?
Did you added the required DNS forward rule too?
0 -
Thank you for your prompt help, I found the problem, it must be made clear that it only works in the Domain Users folder, if the user is in another folder it stops working.
Everything working correctly!!!
0 -
Hello,
I get exactly the same error (Invalid DN syntax). The domain is correctly joined, but all user tested are failing !We have users organised in several OUs, so the limit with 63 chars may be over.
But hey, what's this for a limit ?? I'm coming from a VPN 100 and wanted the Flex 200H the replace it, but what a mess, these are absolutly not compatible, need to reconfigure all manually, and many functions are missing !!
This seems an unfinished product to me. Can't understand ! I'm thinking about returning it…⇒ Did you added the required DNS forward rule too?
What means exactly this, could oit be related ?I hope someone can help !
Thanks !
0
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 145 Nebula Ideas
- 95 Nebula Status and Incidents
- 5.6K Security
- 239 USG FLEX H Series
- 267 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.3K Consumer Product
- 247 Service & License
- 385 News and Release
- 83 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 72 Security Highlight