After upgrading Foglight Management Server (FMS) to 5.6.11, authentication using LDAP (OpenLDAP) is now failing. The LDAP configuration still appears valid and has been working fine through several upgrade since 5.6.4 to 5.6.10. The Foglight test configuration under the Directory Services Settings can successfully locate LDAP users.
The following error is found in the FMS log when DEBUG level 1 is enabled:
DEBUG [http-0.0.0.0-8443-1] com.quest.nitro.service.security.auth.spi.NitroExtendedLdapLoginModule - Failed to validate password
Please refer to External Directory Settings Example for a list of valid options specific to different types of LDAP directory servers. In this particular OpenLDAP issue, setting cn under "Role attribute ID" fixes the issue.
You may also want to verify the values under the following settings as an incorrect query may lead to timeout and delays in logging in via LDAP. Remove it they are not required.