10-30-2008 12:53 AM
I am trying to configure the SA200 to authenticate users by the AD in the domain.
I tried to add an authentication server by Authentication > Auth. Servers > Active Directory / Windows NT > New Server.
I entered the details in the "New Active Directory/ Windows NT" page that follows, leaving the "Backup domain controller " field blank and "Allow trusted domains" unchecked.
I selected "Use LDAP to get Kerboros realm name".
When I hit the "Test configuration" button, there is a warning message "You can not change the password of the IVE computer account on the active directory server using the specified administrator credentials.."
I am sure the server IP address I entered is the domain controller and I double check the user admin password.
So what else needs to be configured?? or did I not configured correctly??
10-30-2008 07:43 PM
What privilege level does the service account defined on the SA have? The service account/admin account needs the privileges listed in KB2624 at the minimum.
12-04-2008 10:56 AM
12-04-2008 12:01 PM
Try this link for the lookup
Or see the attached document if you can't get the link to work.
JNCIS-ENT, FWV, SSL, WLAN
JNCIA-ER, EX, IDP, UAC, WX
Juniper Networks Certified Instructor
Juniper Networks Ambassador
Juniper Elite Reseller
J-Partner Service Specialist - Implementation
If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.