LDAP 认证配置与排错
2025/10/29大约 11 分钟
LDAP 认证配置与排错
配置 LDAP 认证
1.配置接口地址和路由
ping 测试 FortiGate 与 LDAP 服务器之间的连通性。测试环境使用 Windows AD 作为 LDAP 服务器,地址是 192.168.91.208。
# execute ping 192.168.91.208
PING 192.168.91.208 (192.168.91.208): 56 data bytes
64 bytes from 192.168.91.208: icmp_seq=0 ttl=127 time=0.3 ms
64 bytes from 192.168.91.208: icmp_seq=1 ttl=127 time=0.2 ms
64 bytes from 192.168.91.208: icmp_seq=2 ttl=127 time=0.2 ms
64 bytes from 192.168.91.208: icmp_seq=3 ttl=127 time=0.2 ms
64 bytes from 192.168.91.208: icmp_seq=4 ttl=127 time=0.2 ms
--- 192.168.91.208 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 0.2/0.2/0.3 ms2.配置 LDAP
选择”用户与认证“-->LDAP,点击”新建“。
配置参数:
名称:输入一个名称,不冲突即可;
服务器 IP/名称:LDAP 服务器的 IP 地址;
服务器端口:LDAP 通信端口,默认 TCP 389;
Common Name 标识符:FortiGate 用于识别连接用户的 LDAP 中对象的属性字段。Windows AD 域使用 sAMAccountName,OpenLDAP 使用 uid。这里使用 Windows AD 域;
**Distinguished Name:**用于在 LDAP 服务器上查找用户帐户条目,反映了查找的 CN 标识符之上的 LDAP 的层次结构; 输入 dc = fortibj,dc = com 指定包含所有对象的域根; 输入 ou = tac,dc = fortibj,dc = com 查询指定组织单元下的用户;
绑定类型:选择常规,使用提供的用户名和密码进行绑定,并从 DN 开始搜索并递归遍历子树;
用户名:用户名支持的格式:格式 1:CN = Administrator,CN = Users,DC = fortibj,DC = com;格式 2:Administrator@fortibj.com。
C:\Users\Administrator>dsquery user -name administrator
"CN=Administrator,CN=Users,DC=fortibj,DC=com"密码:用户的密码;
点击”确定“,配置完成。
对应的命令行如下:
config user ldap
edit "LDAP208"
set server "192.168.91.208"
set cnid "sAMAccountName"
set dn "dc=fortibj,dc=com"
set type regular
set username "CN=Administrator,CN=Users,DC=fortibj,DC=com"
set password xxxxxxxx
next
end3.查看 LDAP 目录结构
当 LDAP 配置正确时,可以点击”浏览“,查看 LDAP 目录结构。
LDAP 服务器测试
1.FortiGate 与 LDAP 服务器之间连通性测试
GUI 编辑 LDAP 服务器的配置界面,点击”测试连接性“。
CLI 语法测试连通性:
# diagnose test authserver ldap-direct
[IP] [port number]CLI 语法测试用户和密码是否正确:
# diagnose test authserver ldap
<server_name> <username> <password>如果连接状态是”成功“,则 FortiGate 与 LDAP 服务器之间通信正常。
对应 CLI 的测试结果:
# diagnose test authserver ldap-direct 192.168.91.208 389 LDAP server '192.168.91.208' status is OK如果连接状态是”无效的凭证“,则说明 LDAP 服务器的账号或者密码不正确。
对应的命令行:
# diagnose test authserver ldap LDAP208 administrator Test@123456 authenticate 'administrator' against 'LDAP208' succeeded! Group membership(s) - CN=Group Policy Creator Owners,CN=Users,DC=fortibj,DC=com CN=Domain Admins,CN=Users,DC=fortibj,DC=com CN=Enterprise Admins,CN=Users,DC=fortibj,DC=com CN=Schema Admins,CN=Users,DC=fortibj,DC=com CN=Remote Desktop Users,CN=Builtin,DC=fortibj,DC=com CN=Administrators,CN=Builtin,DC=fortibj,DC=com CN=Domain Users,CN=Users,DC=fortibj,DC=com如果连接状态是”不能连接到 LDAP 服务器“,则说明到 LDAP 服务器不可达。
对应 CLI 的测试结果:
# diagnose test authserver ldap-direct 192.168.91.208 389 LDAP server '192.168.91.208' status is Server unreachable
2.测试 LDAP 服务器中的用户及密码
GUI 编辑 Radius 服务器的配置界面,点击”测试用户认证信息“。
CLI 的语法:
# diagnose test authserver ldap
<server_name> <username> <password>用户名或者密码不正确
对应的 CLI 测试结果如下:
# diagnose test authserver ldap LDAP208 user1 123456 authenticate 'user1' against 'LDAP208' failed!用户名和密码正确
对应的 CLI 测试结果如下,CLI 显示了用户 user1 所在的用户组信息。
# diagnose test authserver ldap LDAP208 user1 Pass@123456 authenticate 'user1' against 'LDAP208' succeeded! Group membership(s) - CN=grp1,CN=Users,DC=fortibj,DC=com CN=Domain Users,CN=Users,DC=fortibj,DC=com
其他 LDAP 配置参数
1.修改 LDAP 端口
config user ldap
edit LDAP208
set port xx
next
end2.指定原 IP 地址
config user ldap
edit LDAP208
set source-ip x.x.x.x
next
end创建 ldap 用户
选择“用户与认证”-->“设置用户”,点击新建
选择 LDAP 用户,点击“下一步”
选择配置好的 LDAP 服务器,点击“下一步”
这里添加 user1,右击 user1,点击“添加已选”
点击“已选的”,查看选中的用户,确认无误后,点击“提交”。
完成 LDAP 用户创建
创建 ldap 用户组
选择“用户与认证”-->“用户组”,点击“新建”
配置 LDAP
设置 FortiGate 用户组名称 group1,在远程组中,点击“添加”,选择配置好的远程服务器,会自动显示出目录树,找到需要添加的用户组,这里选择 grp1,右击“添加已选”,那么 group1 匹配远端 LDAP 用户组 grp1 中的用户。可以添加多个用户组,如再增加 grp2,那么 group1 匹配远端 LDAP 用户组 grp1 和 grp2 中的用户。
点击“已选的”,查看选中的用户组,确认无误后,点击“确认”。
点击确认
配置完成
重要
如果在 group1 用不选择任何用户组,那么 group1 匹配 LDAP 服务器配置的 DN 目录下的所有用户。
LDAP 认证 debug
认证成功
准备查询的用户名 user1 和 base DN。
# diagnose debug application fnbamd -1 # diagnose debug enable [1906] handle_req-Rcvd auth req 730526726 for user1 in LDAP208 opt=0000001b prot=0 [466] __compose_group_list_from_req-Group 'LDAP208', type 1 [616] fnbamd_pop3_start-user1 [989] __fnbamd_cfg_get_ldap_list_by_server- [995] __fnbamd_cfg_get_ldap_list_by_server-Loaded LDAP server 'LDAP208' [1150] fnbamd_cfg_get_ldap_list-Total ldap servers to try: 1 [1717] fnbamd_ldap_init-search filter is: sAMAccountName=user1 [1727] fnbamd_ldap_init-search base is: dc=fortibj,dc=com [1149] __fnbamd_ldap_dns_cb-Resolved LDAP208:192.168.91.208 to 192.168.91.208, cur stack size:1 [924] __fnbamd_ldap_get_next_addr- [1154] __fnbamd_ldap_dns_cb-Connection starts LDAP208:192.168.91.208, addr 192.168.91.208 [879] __fnbamd_ldap_start_conn-Still connecting 192.168.91.208. [633] create_auth_session-Total 1 server(s) to try [1107] __ldap_connect-tcps_connect(192.168.91.208) is established.LDAP 管理员账号绑定。
[985] __ldap_rxtx-state 3(Admin Binding) [363] __ldap_build_bind_req-Binding to 'CN=Administrator,CN=Users,DC=fortibj,DC=com' [1083] fnbamd_ldap_send-sending 69 bytes to 192.168.91.208 [1096] fnbamd_ldap_send-Request is sent. ID 1 [985] __ldap_rxtx-state 4(Admin Bind resp) [1127] __fnbamd_ldap_read-Read 8 [1233] fnbamd_ldap_recv-Leftover 2 [1127] __fnbamd_ldap_read-Read 14 [1306] fnbamd_ldap_recv-Response len: 16, svr: 192.168.91.208 [987] fnbamd_ldap_parse_response-Got one MESSAGE. ID:1, type:bind response-ret=0 //绑定成功 [1023] fnbamd_ldap_parse_response-ret=0查询 user1 的 DN。
[1052] __ldap_rxtx-Change state to 'DN search' [985] __ldap_rxtx-state 11(DN search) [750] fnbamd_ldap_build_dn_search_req-base:'dc=fortibj,dc=com' filter:sAMAccountName=user1 [1083] fnbamd_ldap_send-sending 73 bytes to 192.168.91.208 [1096] fnbamd_ldap_send-Request is sent. ID 2 [985] __ldap_rxtx-state 12(DN search resp) [1127] __fnbamd_ldap_read-Read 8 [1233] fnbamd_ldap_recv-Leftover 2 [1127] __fnbamd_ldap_read-Read 51 [1306] fnbamd_ldap_recv-Response len: 53, svr: 192.168.91.208 [987] fnbamd_ldap_parse_response-Got one MESSAGE. ID:2, type:search-entry查询成功,获得 user1 的 DN 是 xiaoming,OU = TAC,DC = fortibj,DC = com。
response-ret=0 //查询成功,获得user1的DN是 xiaoming,OU=TAC,DC=fortibj,DC=com [1023] fnbamd_ldap_parse_response-ret=0 [1225] __fnbamd_ldap_dn_entry-Get DN 'CN=xiaoming,OU=TAC,DC=fortibj,DC=com' [1127] __fnbamd_ldap_read-Read 8 [1233] fnbamd_ldap_recv-Leftover 2 [1127] __fnbamd_ldap_read-Read 78 [1306] fnbamd_ldap_recv-Response len: 80, svr: 192.168.91.208 [987] fnbamd_ldap_parse_response-Got one MESSAGE. ID:2, type:search-reference [1023] fnbamd_ldap_parse_response-ret=0 [1127] __fnbamd_ldap_read-Read 8 [1233] fnbamd_ldap_recv-Leftover 2 [1127] __fnbamd_ldap_read-Read 78 [1306] fnbamd_ldap_recv-Response len: 80, svr: 192.168.91.208 [987] fnbamd_ldap_parse_response-Got one MESSAGE. ID:2, type:search-reference [1023] fnbamd_ldap_parse_response-ret=0 [1127] __fnbamd_ldap_read-Read 8 [1233] fnbamd_ldap_recv-Leftover 2 [1127] __fnbamd_ldap_read-Read 62 [1306] fnbamd_ldap_recv-Response len: 64, svr: 192.168.91.208 [987] fnbamd_ldap_parse_response-Got one MESSAGE. ID:2, type:search-reference [1023] fnbamd_ldap_parse_response-ret=0 [1127] __fnbamd_ldap_read-Read 8 [1233] fnbamd_ldap_recv-Leftover 2 [1127] __fnbamd_ldap_read-Read 14 [1306] fnbamd_ldap_recv-Response len: 16, svr: 192.168.91.208 [987] fnbamd_ldap_parse_response-Got one MESSAGE. ID:2, type:search-result [1023] fnbamd_ldap_parse_response-ret=0用户 user1 绑定请求成功。
[1052] __ldap_rxtx-Change state to 'User Binding' [985] __ldap_rxtx-state 5(User Binding) [596] fnbamd_ldap_build_userbind_req-Trying DN 'CN=xiaoming,OU=TAC,DC=fortibj,DC=com' [363] __ldap_build_bind_req-Binding to 'CN=xiaoming,OU=TAC,DC=fortibj,DC=com' [1083] fnbamd_ldap_send-sending 93 bytes to 192.168.91.208 [1096] fnbamd_ldap_send-Request is sent. ID 3 [985] __ldap_rxtx-state 6(User Bind resp) [1127] __fnbamd_ldap_read-Read 8 [1233] fnbamd_ldap_recv-Leftover 2 [1127] __fnbamd_ldap_read-Read 14 [1306] fnbamd_ldap_recv-Response len: 16, svr: 192.168.91.208 [987] fnbamd_ldap_parse_response-Got one MESSAGE. ID:3, type:bind response-ret=0 //绑定成功 [1023] fnbamd_ldap_parse_response-ret=0memberOf 属性查询。
[1052] __ldap_rxtx-Change state to 'Attr query' [985] __ldap_rxtx-state 7(Attr query) [649] fnbamd_ldap_build_attr_search_req-Adding attr 'memberOf' [661] fnbamd_ldap_build_attr_search_req-base:'CN=xiaoming,OU=TAC,DC=fortibj,DC=com' filter:cn=* [1083] fnbamd_ldap_send-sending 112 bytes to 192.168.91.208 [1096] fnbamd_ldap_send-Request is sent. ID 4 [985] __ldap_rxtx-state 8(Attr query resp) [1127] __fnbamd_ldap_read-Read 8 [1233] fnbamd_ldap_recv-Leftover 2 [1127] __fnbamd_ldap_read-Read 195 [1306] fnbamd_ldap_recv-Response len: 197, svr: 192.168.91.208 [987] fnbamd_ldap_parse_response-Got one MESSAGE. ID:4, type:search-entry查询成功,获得 user1 的用户组 CN = grp1,CN = Users,DC = fortibj,DC = com。
[1023] fnbamd_ldap_parse_response-ret=0 [556] __get_member_of_groups-Get the memberOf groups. [522] __retrieve_group_values-Get the memberOf groups. [532] __retrieve_group_values- attr='memberOf', found 1 values [542] __retrieve_group_values-val[0]='CN=grp1,CN=Users,DC=fortibj,DC=com' [1127] __fnbamd_ldap_read-Read 8 [1233] fnbamd_ldap_recv-Leftover 2 [1127] __fnbamd_ldap_read-Read 14 [1306] fnbamd_ldap_recv-Response len: 16, svr: 192.168.91.208 [987] fnbamd_ldap_parse_response-Got one MESSAGE. ID:4, type:search-result [1023] fnbamd_ldap_parse_response-ret=0 [1305] __fnbamd_ldap_attr_next-Entering CHKPRIMARYGRP statePrimary group 属性查询。
[1052] __ldap_rxtx-Change state to 'Primary group query' [985] __ldap_rxtx-state 13(Primary group query) [685] fnbamd_ldap_build_primary_grp_search_req-starting primary group check... [689] fnbamd_ldap_build_primary_grp_search_req-number of sub auths 5 [707] fnbamd_ldap_build_primary_grp_search_req-base:'dc=fortibj,dc=com' filter:(&(objectclass=group)(objectSid=\01\05\00\00\00\00\00\05\15\00\00\00\b8\17\0b\a2\b5\db\a4\d8\c0\a2\54\19\01\02\00\00)) [1083] fnbamd_ldap_send-sending 121 bytes to 192.168.91.208 [1096] fnbamd_ldap_send-Request is sent. ID 5 [985] __ldap_rxtx-state 14(Primary group query resp) [1127] __fnbamd_ldap_read-Read 8 [1233] fnbamd_ldap_recv-Leftover 2 [1127] __fnbamd_ldap_read-Read 110 [1306] fnbamd_ldap_recv-Response len: 112, svr: 192.168.91.208 [987] fnbamd_ldap_parse_response-Got one MESSAGE. ID:5, type:search-entry获得 Primary group 是 CN = Domain Users,CN = Users,DC = fortibj,DC = com。
[1023] fnbamd_ldap_parse_response-ret=0 [472] __get_one_group-group: CN=Domain Users,CN=Users,DC=fortibj,DC=com [1127] __fnbamd_ldap_read-Read 8 [1233] fnbamd_ldap_recv-Leftover 2 [1127] __fnbamd_ldap_read-Read 78 [1306] fnbamd_ldap_recv-Response len: 80, svr: 192.168.91.208 [987] fnbamd_ldap_parse_response-Got one MESSAGE. ID:5, type:search-reference [1023] fnbamd_ldap_parse_response-ret=0 [1127] __fnbamd_ldap_read-Read 8 [1233] fnbamd_ldap_recv-Leftover 2 [1127] __fnbamd_ldap_read-Read 78 [1306] fnbamd_ldap_recv-Response len: 80, svr: 192.168.91.208 [987] fnbamd_ldap_parse_response-Got one MESSAGE. ID:5, type:search-reference [1023] fnbamd_ldap_parse_response-ret=0 [1127] __fnbamd_ldap_read-Read 8 [1233] fnbamd_ldap_recv-Leftover 2 [1127] __fnbamd_ldap_read-Read 62 [1306] fnbamd_ldap_recv-Response len: 64, svr: 192.168.91.208 [987] fnbamd_ldap_parse_response-Got one MESSAGE. ID:5, type:search-reference [1023] fnbamd_ldap_parse_response-ret=0 [1127] __fnbamd_ldap_read-Read 8 [1233] fnbamd_ldap_recv-Leftover 2 [1127] __fnbamd_ldap_read-Read 14 [1306] fnbamd_ldap_recv-Response len: 16, svr: 192.168.91.208 [987] fnbamd_ldap_parse_response-Got one MESSAGE. ID:5, type:search-result [1023] fnbamd_ldap_parse_response-ret=0 [1433] __fnbamd_ldap_primary_grp_next-Auth accepted查询完成。
[1052] __ldap_rxtx-Change state to 'Done' [985] __ldap_rxtx-state 23(Done) [1083] fnbamd_ldap_send-sending 7 bytes to 192.168.91.208 [1096] fnbamd_ldap_send-Request is sent. ID 6 [785] __ldap_done-svr 'LDAP208' [755] __ldap_destroy- [724] __ldap_stop-Conn with 192.168.91.208 destroyed.查询的结果。
[2678] fnbamd_ldap_result-Result for ldap svr 192.168.91.208(LDAP208) is SUCCESS [401] ldap_copy_grp_list-copied CN=grp1,CN=Users,DC=fortibj,DC=com [401] ldap_copy_grp_list-copied CN=Domain Users,CN=Users,DC=fortibj,DC=com [2693] fnbamd_ldap_result-Skipping group matching [216] fnbamd_comm_send_result-Sending result 0 (nid 0) for req 730526726, len=2227 [789] destroy_auth_session-delete session 730526726 [755] __ldap_destroy- [1764] fnbamd_ldap_auth_ctx_free-Freeing 'LDAP208' ctx
认证失败
准备查询的用户名 user1 和 base DN。
# diagnose debug application fnbamd -1 # diagnose debug enable [1906] handle_req-Rcvd auth req 730526741 for user1 in LDAP208 opt=0000001b prot=0 [466] __compose_group_list_from_req-Group 'LDAP208', type 1 [616] fnbamd_pop3_start-user1 [989] __fnbamd_cfg_get_ldap_list_by_server- [995] __fnbamd_cfg_get_ldap_list_by_server-Loaded LDAP server 'LDAP208' [1150] fnbamd_cfg_get_ldap_list-Total ldap servers to try: 1 [1717] fnbamd_ldap_init-search filter is: sAMAccountName=user1 [1727] fnbamd_ldap_init-search base is: dc=fortibj,dc=com [1149] __fnbamd_ldap_dns_cb-Resolved LDAP208:192.168.91.208 to 192.168.91.208, cur stack size:1 [924] __fnbamd_ldap_get_next_addr- [1154] __fnbamd_ldap_dns_cb-Connection starts LDAP208:192.168.91.208, addr 192.168.91.208 [879] __fnbamd_ldap_start_conn-Still connecting 192.168.91.208. [633] create_auth_session-Total 1 server(s) to try [1107] __ldap_connect-tcps_connect(192.168.91.208) is established.LDAP 管理员账号绑定成功。
[985] __ldap_rxtx-state 3(Admin Binding) [363] __ldap_build_bind_req-Binding to 'CN=Administrator,CN=Users,DC=fortibj,DC=com' [1083] fnbamd_ldap_send-sending 69 bytes to 192.168.91.208 [1096] fnbamd_ldap_send-Request is sent. ID 1 [985] __ldap_rxtx-state 4(Admin Bind resp) [1127] __fnbamd_ldap_read-Read 8 [1233] fnbamd_ldap_recv-Leftover 2 [1127] __fnbamd_ldap_read-Read 14 [1306] fnbamd_ldap_recv-Response len: 16, svr: 192.168.91.208 [987] fnbamd_ldap_parse_response-Got one MESSAGE. ID:1, type:bind response-ret=0 //绑定成功 [1023] fnbamd_ldap_parse_response-ret=0查询 user1 的 DN。
[1052] __ldap_rxtx-Change state to 'DN search' [985] __ldap_rxtx-state 11(DN search) [750] fnbamd_ldap_build_dn_search_req-base:'dc=fortibj,dc=com' filter:sAMAccountName=user1 [1083] fnbamd_ldap_send-sending 73 bytes to 192.168.91.208 [1096] fnbamd_ldap_send-Request is sent. ID 2 [985] __ldap_rxtx-state 12(DN search resp) [1127] __fnbamd_ldap_read-Read 8 [1233] fnbamd_ldap_recv-Leftover 2 [1127] __fnbamd_ldap_read-Read 51 [1306] fnbamd_ldap_recv-Response len: 53, svr: 192.168.91.208 [987] fnbamd_ldap_parse_response-Got one MESSAGE. ID:2, type:search-entry查询成功,获得 user1 的 DN 是 xiaoming,OU = TAC,DC = fortibj,DC = com。
response-ret=0 //查询成功,获得user1的DN是 xiaoming,OU=TAC,DC=fortibj,DC=com [1023] fnbamd_ldap_parse_response-ret=0 [1225] __fnbamd_ldap_dn_entry-Get DN 'CN=xiaoming,OU=TAC,DC=fortibj,DC=com' [1127] __fnbamd_ldap_read-Read 8 [1233] fnbamd_ldap_recv-Leftover 2 [1127] __fnbamd_ldap_read-Read 78 [1306] fnbamd_ldap_recv-Response len: 80, svr: 192.168.91.208 [987] fnbamd_ldap_parse_response-Got one MESSAGE. ID:2, type:search-reference [1023] fnbamd_ldap_parse_response-ret=0 [1127] __fnbamd_ldap_read-Read 8 [1233] fnbamd_ldap_recv-Leftover 2 [1127] __fnbamd_ldap_read-Read 78 [1306] fnbamd_ldap_recv-Response len: 80, svr: 192.168.91.208 [987] fnbamd_ldap_parse_response-Got one MESSAGE. ID:2, type:search-reference [1023] fnbamd_ldap_parse_response-ret=0 [1127] __fnbamd_ldap_read-Read 8 [1233] fnbamd_ldap_recv-Leftover 2 [1127] __fnbamd_ldap_read-Read 62 [1306] fnbamd_ldap_recv-Response len: 64, svr: 192.168.91.208 [987] fnbamd_ldap_parse_response-Got one MESSAGE. ID:2, type:search-reference [1023] fnbamd_ldap_parse_response-ret=0 [1127] __fnbamd_ldap_read-Read 8 [1233] fnbamd_ldap_recv-Leftover 2 [1127] __fnbamd_ldap_read-Read 14 [1306] fnbamd_ldap_recv-Response len: 16, svr: 192.168.91.208 [987] fnbamd_ldap_parse_response-Got one MESSAGE. ID:2, type:search-result [1023] fnbamd_ldap_parse_response-ret=0用户 user1 绑定请求。
[1052] __ldap_rxtx-Change state to 'User Binding' [985] __ldap_rxtx-state 5(User Binding) [596] fnbamd_ldap_build_userbind_req-Trying DN 'CN=xiaoming,OU=TAC,DC=fortibj,DC=com' [363] __ldap_build_bind_req-Binding to 'CN=xiaoming,OU=TAC,DC=fortibj,DC=com' [1083] fnbamd_ldap_send-sending 88 bytes to 192.168.91.208 [1096] fnbamd_ldap_send-Request is sent. ID 3 [985] __ldap_rxtx-state 6(User Bind resp) [1127] __fnbamd_ldap_read-Read 8 [1233] fnbamd_ldap_recv-Leftover 2 [1127] __fnbamd_ldap_read-Read 102 [1306] fnbamd_ldap_recv-Response len: 104, svr: 192.168.91.208 [987] fnbamd_ldap_parse_response-Got one MESSAGE. ID:3, type:bind绑定失败,响应码 49,响应消息 52e,即密码不对。
[1009] fnbamd_ldap_parse_response-Error 49(80090308: LdapErr: DSID-0C0903D3, comment: AcceptSecurityContext error, data 52e, v3839) [1023] fnbamd_ldap_parse_response-ret=49 [262] fnbamd_ldap_more_dn_left-idx:0, total:1 [1052] __ldap_rxtx-Change state to 'Done' [985] __ldap_rxtx-state 23(Done) [1083] fnbamd_ldap_send-sending 7 bytes to 192.168.91.208 [1096] fnbamd_ldap_send-Request is sent. ID 4 [785] __ldap_done-svr 'LDAP208' [755] __ldap_destroy- [724] __ldap_stop-Conn with 192.168.91.208 destroyed. [216] fnbamd_comm_send_result-Sending result 1 (nid 0) for req 730526741, len=2148 [789] destroy_auth_session-delete session 730526741 [755] __ldap_destroy- [1764] fnbamd_ldap_auth_ctx_free-Freeing 'LDAP208' ctx