That's a typo artifact.
It should be:
cas.authn.ldap[0].searchFilter=sAMAccountName={user}
I disable StartTLS because I wanted to make sure I could get it working
before introducing any sort of TLS/SSL for LDAPS. Getting the certificates
to cooperate has proven to be difficult as I am new
On 08.02.22 at 17:00, Michael Santangelo wrote:
Hello all,
Forgive me for this, I'm brand new to CAS and I'm trying to get LDAP
working.
I built an Ubuntu VM and did initial setup by doing:
1. git clone https://github.com/apereo/cas-overlay-template
2. I did some initial config changes
Hello all,
Forgive me for this, I'm brand new to CAS and I'm trying to get LDAP
working.
I built an Ubuntu VM and did initial setup by doing:
1. git clone https://github.com/apereo/cas-overlay-template
2. I did some initial config changes in the cas.properties to get SSL up
and
Michael,
What do the ldap logs show?
Ray
On Tue, 2022-02-08 at 08:00 -0800, Michael Santangelo wrote:
Notice: This message was sent from outside the University of Victoria email
system. Please be cautious with links and sensitive information.
Hello all,
Forgive me for this, I'm brand new to
I am modifying the project file, not the file in the local /etc
folder. The full path is
/home//cas-management-overlay/etc/cas/config/cas.properties
On Tue, Feb 8, 2022 at 12:38 PM Pablo Vidaurri wrote:
> Are you modifying the cas.properties created in /etc/cas or the one in
> your project
Are you modifying the cas.properties created in /etc/cas or the one in your
project folder? I don't think you want to do a copyCasConfiguration on
each run as it will overwrite the cas.properties file in your /etc/cas folder.
Anyhow, my config looks similar to yours. One thing I did run a
I changed my config to:
cas.authn.ldap[0].order=0
cas.authn.ldap[0].name=Tech Active Directory
cas.authn.ldap[0].type=AD
cas.authn.ldap[0].ldapUrl=ldap://:389
cas.authn.ldap[0].validatePeriod=270
cas.authn.ldap[0].poolPassivator=NONE
cas.authn.ldap[0].searchFilter=sAMAccountName={user}
I can see the bind hit the LDAP server but no other requests seem to make
it there.
I'll check wireshark and make sure the requests are being sent, then will
check back.
On Tuesday, February 8, 2022 at 12:08:36 PM UTC-5 Ray Bon wrote:
> Michael,
>
> What do the ldap logs show?
>
> Ray
>
> On
I was not quite done the previous email.
cas.authn.ldap[0]...
cas.authn.ldap[1]...
etc.
Ray
On Tue, 2022-02-08 at 10:13 -0800, Michael Santangelo wrote:
The finalized working bit for Active Directory LDAP was:
# Working LDAP Auth
cas.authn.ldap[0].order=0
cas.authn.ldap[0].name=Active Directory
cas.authn.ldap[0].type=AD
cas.authn.ldap[0].ldapUrl=ldap://:389
cas.authn.ldap[0].validatePeriod=270
cas.authn.ldap[0].poolPassivator=NONE
Michael,
To follow up on Felix's post.
You can create multiple ldap entries, one for each ou. cas will search
them in the order they are in your properties file.
Ray
On Tue, 2022-02-08 at 10:13 -0800, Michael Santangelo wrote:
I think you should use only one entry for "type". (Currently you will
probably use AUTHENTICATED)
Felix
On 08.02.22 at 22:07, Michael Santangelo wrote:
The finalized working bit for Active Directory LDAP was:
# Working LDAP Auth
cas.authn.ldap[0].order=0
cas.authn.ldap[0].name=Active
I don't believe this is an issue with mod_auth_cas, but I could use some
direction.
A user with a large SAML memberships payload is not passing authentication
due to the length:
[proxy_fcgi:warn] [pid 750194] [client xxx.xxx.xxx.xxx:57500] AH02536:
couldn't encode envvar 'HTTP_SAML_MEMBEROF'
Are you sure that you need to set dnFormat? If you have users in
different ou's, it will be difficult to use with a template as
cn=%s,ou=... and should not the dn be found by the searchFilter?
Felix
On 08.02.22 at 19:13, Michael Santangelo wrote:
I changed my config to: