LDAP Admin is a free, open-source LDAP client for Windows that allows administrators to connect to LDAP servers, browse directories, manage users, and perform various LDAP operations. You can use LDAP Admin to test LDAP(S) authentication with the Rublon Authentication Proxy, ensuring that your multi-factor authentication (MFA) setup is functioning correctly.
There are two things you may want to test:
Testing the Access User: Verify that the access user (access_user_dn) can connect without MFA and has the appropriate read permissions to the LDAP directory.
Testing MFA for a Regular User: Ensure that a regular user (any user from the Rublon Admin Console) is prompted for MFA during the authentication process.
Testing the Access User (Without MFA)
1. Download LDAP Admin and install it on a Windows machine that can send requests to the LDAP(S) server.
2. Run LDAP Admin.
3. Go to Connection → New Connection and configure the following settings in the Connection Properties window:
| Setting | Value |
| --- | --- |
| Profile Name | Enter a name for your connection (e.g., Access User Test). |
| Host | Enter the IP address or hostname of your LDAP server (not the Rublon Auth Proxy). |
| Port | Use 389 for LDAP or 636 for LDAPS. |
| Encryption | Check Use SSL if you are connecting via LDAPS. Leave unchecked if you're using standard LDAP. |
| Base DN | Enter your directory's Base Distinguished Name (e.g., dc=example,dc=com). |
| Bind DN or user | Enter the access user's distinguished name (Bind DN) (e.g., cn=John Doe,ou=Users,dc=example,dc=com). |
| Password | Enter the access user's password. |
4. Click Fetch DNs to verify that LDAP Admin can connect with the provided settings. If successful, you will see the directory structure under the Base DN.
5. Click OK to save the connection.
6. In the main LDAP Admin window, double-click the connection you just created and browse the LDAP directory to ensure the access user can read the necessary entries.
Testing MFA for a Regular User
1. Download LDAP Admin and install it on a Windows machine that can send requests to the Rublon Auth Proxy server.
2. Run LDAP Admin.
3. Go to Connection → New Connection and configure the following settings in the Connection Properties window:
| Setting | Value |
| --- | --- |
| Profile Name | Enter a name for your connection (e.g., Rublon MFA Test). |
| Host | Enter the IP address or hostname of your Rublon Auth Proxy server. |
| Port | Use 389 for LDAP or 636 for LDAPS, depending on your Rublon Auth Proxy configuration. |
| Encryption | Check Use SSL if you are connecting via LDAPS. Leave unchecked if you're using standard LDAP. |
| Base DN | Enter your directory's Base Distinguished Name (e.g., dc=example,dc=com). |
| Bind DN or user | Enter the regular user's distinguished name (Bind DN) (e.g., cn=John Doe,ou=Users,dc=example,dc=com). |
| Password | Enter the regular user's password. |
4. Click Test Connection.
5. Approve the Mobile Push authentication request or use another authentication method, such as Email Link, SMS Link, or YubiKey OTP (e.g., using the Append Mode).
If authentication fails, an error message will appear. Double-check your connection settings and ensure the user is enrolled in the Rublon Admin Console.
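The same two checks can be scripted from the Windows machine. The PowerShell function below is an added example, not part of the original article or of Rublon's tooling; it uses .NET's System.DirectoryServices.Protocols. The function name Test-LdapBind, the hosts ldap.example.com and proxy.example.com, and the 90-second timeout are assumptions.

```powershell
# Added example. Host names below are placeholders; DNs are the article's sample values.
Add-Type -AssemblyName System.DirectoryServices.Protocols

function Test-LdapBind {
    param(
        [Parameter(Mandatory)] [string] $Server,
        [int] $Port = 636,
        [switch] $UseSsl,              # equivalent of "Use SSL" in LDAP Admin
        [Parameter(Mandatory)] [string] $BindDn,
        [Parameter(Mandatory)] [securestring] $Password,
        [string] $BaseDn,              # if set, read the base entry after binding
        [int] $TimeoutSeconds = 30
    )
    $id   = [System.DirectoryServices.Protocols.LdapDirectoryIdentifier]::new($Server, $Port)
    $cred = [System.Net.NetworkCredential]::new($BindDn, $Password)
    # Simple bind, as LDAP Admin does with a Bind DN. Without SSL (port 389)
    # the password crosses the network unencrypted.
    $conn = [System.DirectoryServices.Protocols.LdapConnection]::new(
        $id, $cred, [System.DirectoryServices.Protocols.AuthType]::Basic)
    $conn.SessionOptions.ProtocolVersion = 3
    $conn.SessionOptions.SecureSocketLayer = [bool]$UseSsl
    $conn.Timeout = [TimeSpan]::FromSeconds($TimeoutSeconds)
    $result = [pscustomobject]@{
        Server = $Server; BindDn = $BindDn; Bound = $false; EntriesRead = $null; Error = $null
    }
    try {
        $conn.Bind()
        $result.Bound = $true
        if ($BaseDn) {
            # Base-scope search with no attributes ('1.1'): proves read access to the Base DN.
            $req = [System.DirectoryServices.Protocols.SearchRequest]::new(
                $BaseDn, '(objectClass=*)', [System.DirectoryServices.Protocols.SearchScope]::Base, '1.1')
            $result.EntriesRead = $conn.SendRequest($req).Entries.Count
        }
    }
    catch { $result.Error = $_.Exception.GetBaseException().Message }
    finally { $conn.Dispose() }
    $result
}

# Test 1: access user, directly against the LDAP server (no MFA expected).
Test-LdapBind -Server 'ldap.example.com' -Port 636 -UseSsl -BaseDn 'dc=example,dc=com' `
    -BindDn 'cn=John Doe,ou=Users,dc=example,dc=com' `
    -Password (Read-Host 'Access user password' -AsSecureString)

# Test 2: regular user, through the Rublon Auth Proxy. The bind blocks until the
# MFA request is approved, so the timeout is longer (90 s is an assumed value).
Test-LdapBind -Server 'proxy.example.com' -Port 636 -UseSsl -TimeoutSeconds 90 `
    -BindDn 'cn=John Doe,ou=Users,dc=example,dc=com' `
    -Password (Read-Host 'Regular user password' -AsSecureString)
```

In the first test, Bound = True with EntriesRead = 1 corresponds to a successful Fetch DNs; in the second, Bound = True after approving the request corresponds to a successful Test Connection.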
Helpful Links
How can I test RADIUS authentication with the Rublon Auth Proxy using NTRadPing?
Rublon Authentication Proxy - Documentation
How do I find the Bind DN for the Active Directory user (access_user_dn in Rublon Auth Proxy config)?