Hi Cliff, can you share the configuration of the LDAPAuthenticationProvider you are using?
Mauro 2014-04-01 16:50 GMT+02:00 Cliff Ingham <[email protected]>: > I am having trouble using Active Directory while still designating > certain users to have the ADMIN role in geoserver. > > I am using Geoserver 2.5.0 and have been following the documentation at: > > http://docs.geoserver.org/stable/en/user/security/tutorials/activedirectory/index.html > > I am able to successfully authenticate users against Active Directory. > You can type in a username, password for a user and Geoserver logs them > in. However, I am not able to grant certain users the ADMIN role. > > How should I be translating our Active Directory structure into the LDAP > setting fields? > > We have created a group in ADS: > CN=Geobase Admins,OU=Application Groups,OU=COB > Groups,OU=Groups,DC=cob,DC=bloomington,DC=in,DC=gov > > Members for this group show up in the group's member parameter as: > CN=username,OU=Showers,OU=ITS,OU=City > Hall,OU=Departments,DC=cob,DC=bloomington,DC=in,DC=gov > > In the LDAP Authentication Provider screen, I am not certain if I am > getting the settings correct. I believe Geoserver is doing a search for > groups using a username as the filter. In order to get a search like > this to work in my LDAP client, I have to use: > > Search Base:CN=GeobaseAdmins,OU=Application Groups,OU=COB > Groups,OU=Groups,dc=cob,dc=bloomington,dc=in,dc=gov > > Search filter:member=CN=username,OU=Showers,OU=ITS,OU=City > Hall,OU=Departments,DC=cob,DC=bloomington,DC=in,DC=gov > > I have tried entering this information into the LDAP setting fields in > many ways, yet, when I try the instructions in "Test a LDAP login", the > user I log in as does not have administrative functionality. > > > -- > Cliff Ingham > City of Bloomington, Indiana > http://www.ohloh.net/accounts/inghamn > > > ------------------------------------------------------------------------------ > _______________________________________________ > Geoserver-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/geoserver-users > -- == Meet us at GEO Business 2014! in London! Visit http://goo.gl/fES3aK for more information. == Dott. Mauro Bartolomeoli @mauro_bart Senior Software Engineer GeoSolutions S.A.S. Via Poggio alle Viti 1187 55054 Massarosa (LU) Italy phone: +39 0584 962313 fax: +39 0584 1660272 http://www.geo-solutions.it http://twitter.com/geosolutions_it -------------------------------------------------------
------------------------------------------------------------------------------
_______________________________________________ Geoserver-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/geoserver-users
