Ubuntu – Openvas 9 LDAP Authentication

active-directory authentication ldap openvas Ubuntu

I am trying to configure Openvas 9 to use LDAP for the login to the Greenbone software.
It appears, based on other threads, that this issue with LDAP is unresolved, unless I am seriously mistaken.

My problem is that I am trying to allow multiple users, based on Active Directory, access to Greenbone.

However, no configuration of mine seems to be working.

This is the output when I attempt to log in with a user created and specified for LDAP use in Greenbone:

 lib  serv: DEBUG:2016-11-15   19h47.35 utc:9786:     Shook hands with peer.
 md   main: DEBUG:2016-11-15   19h47.35 utc:9786:     sql_open: db open, max retry sleep time is 0
 lib  ldap: WARNING:2016-11-15 19h47.35 utc:9786: StartTLS failed, trying to establish ldaps connection.
 lib  ldap: WARNING:2016-11-15 19h47.35 utc:9786: LDAP Authentication failure: Can't contact LDAP server
 lib  ldap: DEBUG:2016-11-15   19h47.35 utc:9786: Could not bind to ldap host my.host.example:389
 md    omp: WARNING:2016-11-15 19h47.35 utc:9786: Authentication failure for 'myuser' from 127.0.0.1

As shown, LDAP cannot bind to my host. I am not sure why, and am curious as to how I am supposed to configure LDAP correctly, allowing created users to log in using AD credentials.

Best Answer

The error shows that both your LDAP StartTLS and your LDAPS connections to your AD server are not working.

To get this to work you typically need to use certificates on your domain controllers, and you need to have the certificate authority file that signed those certificates on your openvas server.

Once you fix that, then you should be able to authenticate to your AD.
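
One way to check the two conditions the answer names (a certificate on the domain controller, and the signing CA file on the OpenVAS host) before retrying the login. This is an added example, not part of the original answer; it assumes OpenSSL 1.1.1 or later (for `-starttls ldap`), and the script name, the DC hostname and the CA file path are placeholders supplied by you.

```shell
#!/bin/sh
# Added diagnostic example (not from the original thread).
# Usage: sh check_ldap_tls.sh <dc-hostname> <ca-file.pem>   (hypothetical script name)

# Classify captured `openssl s_client` output read from stdin.
# Prints: ok | untrusted:<verify-code> | no-tls
classify() {
    out=$(cat)
    # A failed handshake can still print "Verify return code: 0 (ok)",
    # so rule out the no-certificate case first.
    case "$out" in
        *"no peer certificate available"*) echo "no-tls"; return ;;
    esac
    code=$(printf '%s\n' "$out" |
        sed -n 's/^ *Verify return code: \([0-9][0-9]*\).*/\1/p' | head -n 1)
    if [ -z "$code" ]; then
        echo "no-tls"            # no TLS session at all (refused, timeout, plain LDAP only)
    elif [ "$code" -eq 0 ]; then
        echo "ok"                # chain validates against the supplied CA file
    else
        echo "untrusted:$code"   # e.g. 20/21: signing CA missing from the CA file
    fi
}

# $1=host $2=port $3=CA file $4=extra s_client options (may be empty)
probe() {
    # $4 is intentionally unquoted so "-starttls ldap" splits into two arguments.
    openssl s_client -connect "$1:$2" -servername "$1" -CAfile "$3" $4 \
        </dev/null 2>&1 | classify
}

# Only touch the network when both arguments are given.
if [ "$#" -eq 2 ]; then
    [ -r "$2" ] || { echo "CA file $2 is not readable" >&2; exit 2; }
    echo "StartTLS on 389: $(probe "$1" 389 "$2" "-starttls ldap")"
    echo "LDAPS on 636:    $(probe "$1" 636 "$2" "")"
fi
```

A `no-tls` result on both ports matches the two warnings in the log above; `untrusted:<code>` means the domain controller presented a certificate that the CA file on the OpenVAS host does not validate.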