> Simon Matthews via FreeIPA-users wrote: > > Your URL needs to be more specific to find users, like > cn=users,cn=accounts,dc=... > > Or alternatively you could add an objectclass filter, but searching the > entire tree for users is more work than necessary. > > IPA maintains a separate, synthesized tree, for compatibility with > RFC2307. This is the cn=compat entry you are seeing. > > I'll also note that all users are in the group ipausers. IIRC it also > has to be a dn but I could be wrong on that. > > rob Adding "cn=users,cn=accounts" to the AuthLDAPURL worked. I am able to authenticate specific users. However, I have not been able to get "Require ldap-group" to work. I'll start a new thread for that. _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[Freeipa-users] Re: Setting up authentication for apache webserver (part 2) -- User is not unique
Simon Matthews via FreeIPA-users Wed, 12 Jan 2022 10:56:18 -0800
- [Freeipa-users] Setting up authentication... Simon Matthews via FreeIPA-users
- [Freeipa-users] Re: Setting up authe... Rob Crittenden via FreeIPA-users
- [Freeipa-users] Re: Setting up a... Simon Matthews via FreeIPA-users
- [Freeipa-users] Re: Setting up authe... Grant Janssen via FreeIPA-users
- [Freeipa-users] Re: Setting up a... Simon Matthews via FreeIPA-users
