Hi,
We already have 1 network with mobile devices and a connection to AD set up via a Windows server with the Meraki Systems Manager Agent on it.
We're trying to set up a new network. I've got another Windows Server 2019 set up with the Meraki Systems Manager Agent on it and it's enrolled in the network. The problem is I can't get the server to show a green tick under Systems Manager > General > End User authentication settings.
I've chosen Active Directory: Use your own Active Directory server
I've entered the email domain
I've filled in all the other fields like we have in our other network but when I select the gateway I get the following error:
ldap_bind: Can't contact LDAP server
I've checked and the WMI server is running.
The server and the user I've entered have access to AD.
We're using port 3268
The server is not a domain controller but in our other network the server is not a domain controller, it just has the AD DS and AD LDS Tools installed.
Plus the other server that works is Windows 2016, if that makes any difference.
I'm just wondering what I'm missing.
Hope that makes sense and someone can help.
Thanks
Does the AD controller have a certificate installed on it?
Hi,
Sorry, I've not installed any certificate on the server. Which certificate does it need to have installed?
This document lists the requirements for the certificate:
Hi,
Does this work with a wildcard certificate?
I don't know for sure - but it should.
The reason that you're not getting a tick, BUT it may be working, is because the MX is probably NOT on the same subset.
Right at the top of: https://documentation.meraki.com/MX/Content_Filtering_and_Threat_Protection/Configuring_Active_Direc...
Currently, Active Directory-based authentication works only if one of the following is true:
This is in the "Mobile Device Management" forum ... so I think it is talking about Systems Manager AD Configuration.
You're absolutely right, @PhilipDAth, thanks for pointing that out....
"The server is not a domain controller but in our other network the server is not a domain controller, it just has the AD DS and AD LDS Tools installed."
This may, however, be the crux of the issue...