Troubleshooting guide
80
Chapter 8: Troubleshooting LDAP Servers and the AMC
In This Chapter
Introduction ......................................................................................................................................................81
LDAP problems ..............................................................................................................................................81
Introduction to Account Management.............................................................................................................81
Troubleshooting LDAP Issues........................................................................................................................82
Installation Issues............................................................................................................................................83
Account Management Client Installation........................................................................................................83
Configuration Issues .......................................................................................................................................83
Configuring an LDAP Server for VPN-1/FireWall-1 Indexing.........................................................................83
Schema Checking ..........................................................................................................................................84
Ensuring compatibility between the AMC and the specific LDAP server .......................................................84
VPN-1/FireWall-1 LDAP Server Communication ...........................................................................................85
Known configuration problems......................................................................................................................85
AMC Configuration problem ...........................................................................................................................86
Working with the AMC.....................................................................................................................................87
Before Starting the Account Management Client ...........................................................................................87
The Organizational Unit..................................................................................................................................87
Deleting an Organizational Unit......................................................................................................................87
Creating a Tree Object ...................................................................................................................................88
Modifying slapd.conf (on the LDAP Server)..............................................................................................88
Defining Users ................................................................................................................................................88
The LDAP server ............................................................................................................................................88
When do the changes take effect?.................................................................................................................88
Working with LDAP..........................................................................................................................................89
Managing LDAP through the command line...................................................................................................89
Working with 3rd party LDAP Servers: fw ikecrypt.................................................................................89
Known LDAP and AMC problems...................................................................................................................89
AMC cannot read synchronized groups .........................................................................................................89
Exporting Users Problems..............................................................................................................................90
Problems while initiating a connection ...........................................................................................................90
Problems while working with OPSEC LDAP Servers.....................................................................................90
Special Configurations....................................................................................................................................91
Multiple LDAP Servers ...................................................................................................................................91
Known Issues between LDAP and Meta IP....................................................................................................91
PKI Issues related to LDAP.............................................................................................................................91
Known Limitations...........................................................................................................................................92
Debugging LDAP..............................................................................................................................................93
Important Debugging Tools ............................................................................................................................93
fw ldapsearch..................................................................................................................................................94
More Information..............................................................................................................................................95