@kevinnew22 So, a few questions come to mind:
Is this Active Directory or open ldap?
While I appreciate your privacy, I never understand why people block of “certain” points. I can understand hiding your IP if it’s a public IP address, but if it’s Private it makes little sense to block it. (Private IPs are 192.168.x.x/24 172.16.x.x/16 and 10.x.x.x/8)
First:
LDAP Server should be a dns name. Normally when you look at your domain you will see the “name” it maps to. Of course I have to make some assumptions so please just take my info and adjust as needed.
So let’s say I have a domain called example and the “common” name to map to the same domain is example.com. I would use example.com in the server area. (Of course this assumes DNS is handled by the domain as well which is generally common.)
LDAP Server port. If you’re using LDAPs you will likely need to import your domains certificate tree to the FOG Server for it to work properly. (I don’t understand why you blocked this out because there’s only 2 parts. So if you’re using 389 as the server port, this is not a secure port. Otherwise it is the secure port.
Search Base DN looks correct though I don’t know if it actually matches your domain structure.
Your Group Search DN may be correct but I’m not sure. Of note, with this being set, any group you’re attempting to match must reside in here. So I see your Admin Group is set to Admin. So under {blank}.sa -> grupo {blank} should contain the admin group. If it doesn’t this would be reason for you not being able to log in with your LDAP information. To generalize it for testing at least, you should probably set Group Search DN to the same as Search Base DN.
Admin Group appears correct assuming you have a Group named admin in your domain.
Mobile Group appears correct but is redundant. As you already have this setup for the Admin Group, this is unnecessary. It’s going to set the user as admin, so having Mobile user filled in with the same group doesn’t do anything.
Please Note with both of these, you can use multiple groups by separating them with commas. For example, you could associate all admins for the group admin and domain admins by entering int he Admin Group field: admin,domain admins
Username Attribute looks correct assuming Active Directory
Group Member Attribute looks correct assuming Active Directory
Bind DN appears to be correct though this is totally on you.
Bind password is already set but I have no way of knowing if it’s correct.
Of note, there are logs that are written when theres an error that might help you troubleshoot too.
On redhat based linux, this is /var/log/php-fpm/www-error.log. You would need to look up your systems error log. For Debian this might be /var/log/apache2/error.log, but it could also be under /var/log/php{phpver}-fpm/www-error.log (or very close to it) replacing phpver with the running php version (can be known by running php -v | awk 'match($0, /^PHP (([0-9])[.]([0-9]))[.][0-9]/, ary) {print ary[1]}'
Hopefully this helps narrow down where to look.