The above error message occurs, due to LDAP version mismatch between the SBR device and backend Linux OpenLDAP. The SBR device uses LDAP version 2 to perform the Bind request; but OpenLDAP is not accepting it. It instead expects a Bind request from SBR, which uses LDAP version 3. After configuring the SBR to use LDAP version 3, the issue is resolved.
In the [settings]
section of the ldapauth.aut
file, add the following entry to instruct the SBR device to use LDAP version 3:
LdapVersion = 3
You can identify the LDAP version, which is being used in SBR, by performing a packet capture; when attempting to authenticate a LDAP user. The following images illustrate the packet captures, when using version 2 and 3. Check the LDAP Bind request packet to identify the LDAP version being used:LDAP version 2
:LDAP version 3