LDAP Configuration Help! :(

odsca1 · June 19, 2019, 4:55pm

Hi,

We have many users in different OUs within our AD environment that needs access to graylog, but we only have LDAP config to look at 1 OU. Is there a way to set it to look at multiple OUs? Or is there a way to have graylog authenticate users that are part of a security group?

THank you!

Karlis · June 20, 2019, 6:46am

In User mapping specify root OU under which all other OUs resides, and use Group mapping to grant access to Graylog.

odsca1 · June 20, 2019, 4:34pm

If i do that, it will allow every user in the domain to log in. The group mapping doesnt seem to restrict.

Mexonizator · June 21, 2019, 8:00am

There’s.

(&(objectClass=user)(sAMAccountName={0})(memberof=cn=GROUP,cn=users,dc=domain,dc=com))

That query asks for a user, who:

A user;
Has the sAMAccountName attribute;
is a member of the chosen security group.

system · July 5, 2019, 8:00am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
LDAP authentication fine configuration question Graylog Central (peer support)	3	2032	July 21, 2017
LDAP Query Group Graylog Central (peer support)	2	3998	February 28, 2017
AD/LDAP Authentication with groups, users not found Graylog Central (peer support)	7	5752	January 31, 2020
Graylog Open: Active Directory Group Membership Graylog Central (peer support)	2	788	October 21, 2022
Problems with LDAP/AD authorization Graylog Central (peer support)	1	335	October 11, 2018

LDAP Configuration Help! :(

Related Topics