cannot connect ldap ad 2008 server

Started by xkapr, February 11, 2018, 01:42:49 PM

Hi. Need help connecting to ldap.

I am trying to add a new LDAP server in system>access>servers.
type: ldap
hostname: ad.mydomain.cz
port: 389
transport: tcp
protocol: 3
user dn : mydomain\administrator
password: password
base dn: CN=mydomain,CN=cz
initial template: microsoft ad
authentication containers:  click select and get error message

Could not connect to the LDAP server. Please check your LDAP configuration.

When I try to connect locally on the AD controller ad.mydomain.cz with ldp.exe, connecting and browsing LDAP work.

On opnsense interfaces>diagnostics>port probe:
Connection to ad.mydomain.cz 389 port [tcp/ldap] succeeded!

Connection to ldap from another computer in same network eg. linux ldap administrator works.

opnsense version. OPNsense 18.1.2_2-amd64
windows ad: windows 2008 r2 build 7601 sp1



Thank you for the answer. So user dn must be:
CN=Administrator,CN=Users,DC=mydomain,DC=cz

I think I've already tried according to docs https://wiki.opnsense.org/manual/how-tos/user-ldap.html but I'll try again.

Users could also be OU, you have to check with your Windows Admin

I tried it once again and I still cannot connect. I have verified that users are CN. So

type: ldap
hostname: ad.mydomain.cz
port: 389
transport: tcp
protocol: 3
User DN: CN=Administrator,CN=Users,DC=mydomain,DC=cz
password: secret
base dn: CN=mydomain,CN=cz
initial template: microsoft ad
authentication containers: click select and get error message

Could not connect to the LDAP server. Please check your LDAP configuration.

What else can cause troubles?

Have a look at Softerra LDAP administrator (the free Windows package) to double check your bind DN and password.

http://www.ldapadministrator.com/

Bart...

I tried to connect with ldapadministrator.com with the user DN and base DN I mentioned above, and the connection works without trouble. I still cannot connect from OPNsense.
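
An offline consistency check over the settings posted in this thread, added here as an example; it is not from any poster or from OPNsense. It flags a plain-TCP simple bind, a base DN that is not built from DC= components, and a bind DN that does not sit under the base DN. The dictionary keys, the finding codes and the comparison entry (transport value "ssl", port 636) are assumptions made for the example.

```python
import re

def parse_dn(dn):
    """Split a DN into lowercase (attribute, value) pairs, honouring escaped commas."""
    pairs = []
    for rdn in re.split(r"(?<!\\),", dn):
        attr, sep, value = rdn.partition("=")
        if not sep:
            raise ValueError(f"not a DN component: {rdn!r}")
        pairs.append((attr.strip().lower(), value.strip().lower()))
    return pairs

def check_ldap_settings(cfg):
    """Return (code, message) findings for one LDAP server entry.
    cfg keys are hypothetical names for the form fields, not OPNsense's own."""
    findings = []
    # A simple bind over plain TCP puts the bind password on the wire unencrypted.
    if cfg["transport"].lower() == "tcp":
        findings.append(("plaintext-bind", "bind password crosses the network in clear text"))
    base, user = parse_dn(cfg["base_dn"]), parse_dn(cfg["user_dn"])
    # An AD domain naming context is written with DC= components only.
    if any(attr != "dc" for attr, _ in base):
        findings.append(("base-dn-not-dc", "base DN contains non-DC components"))
    # Compare the tail of the bind DN with the base DN; a mismatch is worth
    # a second look at both values.
    if user[-len(base):] != base:
        findings.append(("bind-dn-outside-base", "user DN is not below the base DN"))
    return findings

# Settings as posted in the second attempt in this thread.
POSTED = {"hostname": "ad.mydomain.cz", "port": 389, "transport": "tcp",
          "user_dn": "CN=Administrator,CN=Users,DC=mydomain,DC=cz",
          "base_dn": "CN=mydomain,CN=cz"}
# Constructed comparison entry: DC-style base DN and an encrypted transport
# (the value "ssl" and port 636 are assumptions for this example).
COMPARISON = dict(POSTED, port=636, transport="ssl", base_dn="DC=mydomain,DC=cz")

if __name__ == "__main__":
    for name, cfg in (("posted", POSTED), ("comparison", COMPARISON)):
        print(name, [code for code, _ in check_ldap_settings(cfg)])
```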