Hi Alexander, Brilliant thanks. I still don't seem to be able to see any users, and cannot sign in as a user from one of the groups that I can see.
Do you have any ideas about groups, I'm only picking up 8 static groups when Member Attribute is set to memberof (Filter is cn=<GROUPNAME> and DN is cn=groups,cn=accounts) Kind Regards, Josh Cullum On Tue, Jan 12, 2016 at 9:55 AM Alexander Bokovoy <aboko...@redhat.com> wrote: > On Tue, 12 Jan 2016, CFMS Support wrote: > >Hi All, > > > >New to the mailing list, fairly new to IPA. We have three IPA servers in a > >cluster in a staging environment. > > > >We're looking to replace AD with IPA as we are mostly Linux based and we > >have just bought some new Pulse Secure Appliances to replace our aging > >Juniper SA devices. > > > >With a migration to IPA currently being staged, the PSA devices have been > >added to the staging environment so that we can provide them with > Directory > >access. Unfortunately, we seem to be having some problems with the > >configuration of both (Pulse Secure are also working with us) to allow the > >directory contents to be searched. The connection between the devices and > >the IPA cluster are fine, it's more the LDAP binding that seems to be the > >problem. > > > >The following is the configuration from the pulse secure device: > There are some incorrectly set options: > > - change to use StartTLS, not unencrypted connection > - finding user entries requires 'uid=<USER>' filter > > > -- > / Alexander Bokovoy >
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project