Thank you! That was the hint i needed. I now created a binduser and its
working with the group.
On 22.05.2017 16:46, Alexander Bokovoy wrote:
> On ma, 22 touko 2017, Sebastian Kösters wrote:
>> so, like this?
>>
>> AuthBasicProvider ldap
>> AuthLDAPURL "ldaps://ipa01.hostname.de:636
>> ipa02.hostn
Have you tried using the ldap-group directive?
Require ldap-group cn=somegroup,cn=groups,cn=accounts,dc=example,dc=com
C
On Mon, May 22, 2017 at 7:19 AM, Sebastian Kösters wrote:
> Hi all!
>
> i have a question about the use of LDAP with .htaccess in freeIPA.
>
> i am using freeIPA (V. 4.4.0-1
On ma, 22 touko 2017, Sebastian Kösters wrote:
so, like this?
AuthBasicProvider ldap
AuthLDAPURL "ldaps://ipa01.hostname.de:636
ipa02.hostname.de:636/cn=users,cn=accounts,dc=domain,dc=de?member"
require ldap-group webtest
does not work for me?
You should be able to see it if you are authentica
.com;
freeipa-users@lists.fedorahosted.org
Subject: Re: [Freeipa-users] Re: freeipa ldap + htaccess question
so, like this?
AuthBasicProvider ldap
AuthLDAPURL "ldaps://ipa01.hostname.de:636
ipa02.hostname.de:636/cn=users,cn=accounts,dc=domain,dc=de?member"
require ldap-group webtest
ing up group membership.
>
> The attribute on the group is member
>
>
>
> Verzonden vanaf mijn Samsung-apparaat
>
>
> Oorspronkelijk bericht
> Van: Sebastian Kösters
> Datum: 22-05-17 16:11 (GMT+01:00)
> Aan: Peter Fern ,
> freeipa-u
eeipa-users@lists.fedorahosted.org
Onderwerp: [Freeipa-users] Re: freeipa ldap + htaccess question
Hi,
i also already tried this :) ...also with the groups DN (which i found
via ldapsearch).
Sadly it did not help.
BR
On 22.05.2017 16:05, Peter Fern wrote:
> The gidNumber attribute is just the
Hi,
i also already tried this :) ...also with the groups DN (which i found
via ldapsearch).
Sadly it did not help.
BR
On 22.05.2017 16:05, Peter Fern wrote:
> The gidNumber attribute is just the primary group. You won't see any
> supplementary groups there, just like /etc/passwd. Use memberOf
The gidNumber attribute is just the primary group. You won't see any
supplementary groups there, just like /etc/passwd. Use memberOf with
the group's DN or something for supplimentary groups.
If you want to see what the data looks like in the directory, just use
ldapsearch - this is all standard
Thank you all for your quick answers.
Problem is, i have a few "Webapps" that require LDAP.
I am more or less just using htaccess to have a simple way testing it.
BR
Sebastian
On 22.05.2017 15:32, Maciej Drobniuch wrote:
> Hi Sebastian,
>
> I do not know the solution for your particular proble
Hi Sebastian,
I do not know the solution for your particular problem.
A small hint however, try going with spnego/kerberos.
IMHO You should be able to achieve something like this out of the box with
HBAC rules via the freeipa web interface.
BR
M.
On Mon, May 22, 2017 at 3:19 PM, Sebastian Köst
10 matches
Mail list logo