Hi Benjamin,
I did not because it is working with the space :
binddn: cn=service_account,OU=Service Accounts,DC=myorg,DC=com -> OK
I was used to ldapsearch where I can put myorg\service_account to bind to
the AD (simple bind).
As I read here for the bind error 49 :
https://community.cisco.com/t5/wireless-security-and-network/wlc-4404-ldap-bind-fails/td-p/1620908
It should also be working with :
binddn: myorg\service_account (without the cn= )
But this does not work to authenticate to the AD.
As you suggested I also tried :
binddn: cn=service_account,OU=Service\ Accounts,DC=myorg,DC=com
But this is not working.
I use for the ldap filter :
filter: "(&(objectClass=user)(sAMAccountName=[% LOGIN %]))"
which is perfect to allow access from any user inside the organization.
Thanks
Raphaël
Le mar. 21 août 2018 à 06:35, Reiter, Benjamin, ITZ IVA5 <
[email protected]> a écrit :
> Hi Raphael,
>
> > binddn: cn=service_account,OU=Service Accounts,DC=myorg,DC=com
>
> Have you tried escaping the empty spaces?
> Like: binddn: cn=service_account,OU=Service\ Accounts,DC=myorg,DC=com
>
>
> Best regards
> Ben
>
>
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> OpenXPKI-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/openxpki-users
>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
OpenXPKI-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openxpki-users
