Hi All, While doing ldap search like sAMAccountName=* is working from console but the same change in yaml file is throwing error.
Is there anyway to use wildcard for any attribute to identify the person for login? Regards, Mohd Get Outlook for iOS<https://aka.ms/o0ukef> ________________________________ From: [email protected] <[email protected]> Sent: Thursday, October 11, 2018 9:07:33 PM To: [email protected] Subject: [OpenXPKI-users] LDAP authentication Hi Team, I am trying to use LDAP authentication from AD. I have created two entries, one for security group (RA Operator)and one for Users(user-ad) as below: Connector.yaml user-ad: class: Connector::Builtin::Authentication::LDAP LOCATION: ldap://10.10.10.1 base: dc=company,dc=loc binddn: cn=binduser password: secret filter: "(sAMAccountName=[% LOGIN %])" RA-Operator: class: Connector::Builtin::Authentication::LDAP LOCATION: ldap://10.10.10.1 base: dc=company,dc=loc binddn: cn=binduser password: secret filter: "(&(sAMAccountName=[% LOGIN %])(memberOf=CN=RA Operator,OU=SecurityGroups,DC=company,DC=loc))" It is giving error as "Login with the given credential failed" unless I am not specifying the exact sAMAccountName in connector.yaml for e.g. sAMAccountName=test. Note: Single sign on method is not available. Please correct me if I am doing anything wrong. Regards, Mohd
_______________________________________________ OpenXPKI-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-users
