If you have any related experience/advice we would appreciate it.
thanks much,

On Sat, Mar 21, 2020 at 8:01 PM Vera Green <vera.green...@gmail.com> wrote:

> Hello,
> We have integrated our GeoServer with active directory (AD) as per this
> documentation
> <https://docs.geoserver.org/latest/en/user/security/tutorials/activedirectory/index.html>
> .
> We are attempting to RESTRICT GeoServer access through the use of an
> active directory GROUP.
> Goal:
>    - KEEP default/basic users and local user functionality as is. These
>    users are created locally on GeoServer and authenticate using the basic
>    method.  (Working)
>    - UPDATE the AD-LDAP authentication to:
>       - automatically synchronize users between GeoServer and AD (Working)
>       - restrict AD users to the AD group: portal_user group:
>          - Only users in this group will be available in the GeoServer
>          user list (working).
>          - Only users in this AD group can log in to GeoServer (ISSUE:
>          ALL AD Users can log in)
> *Details On Issue:*
> AD-LDAP has been configured to synchronize with AD and restrict to the
> portal_user group.
> HOWEVER ... by doing a different test I realized still any AD user can
> log in. The configuration I put in place was apparently only for setting
> roles and permissions once the user has logged in, but not to restrict or
> limit who can log in.
> I tested other different LDAP filters trying to restrict *Portal_User* group
> only but it was worse (I got errors when trying to log in).
> Thanks in advance for any suggestions.
> Please reply all.
> Vera
Geoserver-users mailing list

Please make sure you read the following two resources before posting to this 
- Earning your support instead of buying it, but Ian Turton: 
- The GeoServer user list posting guidelines: 

If you want to request a feature or an improvement, also see this: 


Reply via email to