Sean, LDAP only works with Neo4j enterprise. You can sign up for it either as a trial or for personal use or our startup program.
Cheers, Michael On Fri, Feb 3, 2017 at 10:10 PM, Sean Whalen <[email protected]> wrote: > Hi all, > > I've configured LDAP support as described here https://neo4j.com/docs/ > operations-manual/current/security/authentication-authorization/ldap- > integration/ but LDAP login isn't working, and native auth still works. > Way ideas? I don't have enterprise neo4j, so I don't have a security log to > check. > > Here's the configuration: > > > # Turn on security > dbms.security.auth_enabled=true > > # Choose LDAP connector as security provider for both authentication and > authorization > dbms.security.auth_provider=ldap > > # Configure LDAP to point to the AD server > dbms.security.ldap.host=ldap://dc.example.net > > # Provide details on user structure within the LDAP system: > dbms.security.ldap.authentication.user_dn_template={0}@example.net > dbms.security.ldap.authorization.user_search_base=cn=dc=example,dc=net > dbms.security.ldap.authorization.user_search_filter=(&(objectClass=*)( > sAMAccountName={0})) > dbms.security.ldap.authorization.group_membership_attributes=memberOf > > # Configure the actual mapping between groups in the LDAP system and roles > in Neo4j > dbms.security.ldap.authorization.group_to_role_mapping=\ > "CN=A-BloodHound-RO,OU=Application Groups,OU=Users and > Groups,DC=example,DC=net" = reader ;\ > "CN=P-BloodHound-Admin,OU=Privileged Groups,OU=Users and > Groups,DC=example,DC=net" = admin > > -- > You received this message because you are subscribed to the Google Groups > "Neo4j" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Neo4j" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
