LDAP Query Group


(Matthew Riddler) #1

Hello,

I have been given the task of configuring LDAP / AD authentication for our Graylog server.
I have connected to the directory (using Active Directory). Test connection works.
The user search OU is quite specific, a single OU. If I log in with an account in that OU, I get logged in through my AD account. I then put in a group to authenticate against (in a different OU). I don't believe that this group is being used.
The group search only has one group in it, the one that I need to use. The group search pattern looks good (&(objectClass=group)(CN=GG-Gray_Log Users)).
I can enter a username at the bottom of the screen, login test, and this will connect to AD and show me all of the user details.
Whether I am a member of that group or not, I am able to log in.
Not too sure what I am doing wrong.
In the admin guide it says that the list of groups will be available in a dropdown. I cannot see this anywhere.

Any help would be greatly appreciated.
Thanks,
Matt


(nomoresecrets) #2

Try this as the user search pattern:

(&(memberof=CN=GG-Gray_Log Users,OU=whatever,DC=yourcompany,DC=com)(sAMAccountName={0}))

Works perfectly on my production and test environments.
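
Added example, not part of the original posts: a Python sketch of why the user search pattern in reply #2 gates login on group membership (a non-member is simply never found by the user search). The directory entries, function names and the simplified in-memory matching are assumptions for illustration; no real LDAP server or Graylog code is involved.

```python
# Added illustration: constructed data, simplified in-memory matching.
import re

GROUP_DN = "CN=GG-Gray_Log Users,OU=whatever,DC=yourcompany,DC=com"
PATTERN = "(&(memberof=" + GROUP_DN + ")(sAMAccountName={0}))"
DIRECTORY = [  # constructed sample entries
    {"sAMAccountName": ["alice"], "memberOf": [GROUP_DN]},
    {"sAMAccountName": ["bob"],
     "memberOf": ["CN=Other,OU=whatever,DC=yourcompany,DC=com"]},
    {"sAMAccountName": ["carol"], "memberOf": []},
]
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

def escape_filter_value(value):
    """Escape a value for use inside an LDAP search filter (RFC 4515)."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)

def build_user_filter(pattern, username):
    """Fill the {0} placeholder with the escaped login name."""
    return pattern.replace("{0}", escape_filter_value(username))

def _unescape(value):
    return re.sub(r"\\([0-9a-fA-F]{2})",
                  lambda m: chr(int(m.group(1), 16)), value)

def parse_and_filter(flt):
    """Parse the simple form (&(attr=value)(attr=value)...) into pairs."""
    if not (flt.startswith("(&") and flt.endswith(")")):
        raise ValueError("only (&...) filters are handled here")
    body = flt[2:-1]
    terms = re.findall(r"\(([^=()]+)=([^()]*)\)", body)
    if "".join(f"({a}={v})" for a, v in terms) != body:
        raise ValueError("unsupported or malformed filter")
    return [(a.lower(), _unescape(v).lower()) for a, v in terms]

def search(directory, flt):
    """Return sAMAccountName of entries matching every term (case-insensitive)."""
    terms = parse_and_filter(flt)
    hits = []
    for entry in directory:
        attrs = {k.lower(): [v.lower() for v in vals]
                 for k, vals in entry.items()}
        if all(val in attrs.get(attr, []) for attr, val in terms):
            hits.append(entry["sAMAccountName"][0])
    return hits
```

In Active Directory, memberOf lists direct group memberships only, so a filter of this form does not match users who belong to the group through a nested group or as their primary group.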


(Matthew Riddler) #3

Fantastic. Works great.
Thanks nomoresecrets