Extend LDAP plugin to support AD authentication
-
I’ve pushed into the working-RC-37 branch which, from my limited testing, appears this is now working properly.
-
Working with RC-36,
I’ve not got it working yet. I’m not sure I fully understand the purpose of these fields or if they are all required or not.
What I would like is instructions on how to authenticate a user, and require that user to be in a group called “fog_admins”. The group is in one spot in AD, the users are in another spot.
I’m assuming I path to the group in the group search dn field, and path to the users in the search base dn? Don’t know.
Admin group is obvious enough.
I am not worried about the mobile group.bind DN is the exact username and pass used to authenticate a user’s credentials, this is clear.
-
@Wayne-Workman
Here’s how mine is setup:Connection Name: What do you want to call it – not used for anything in regards to functionality.
Description: Self explanatory – not used for anything in regards to functionality.
Server Address: ###Needed### The address of your server.
Server Port: ###Needed### The port of your server (usually 389).
Search Base DN: ###Needed### The DN you need to search starting at… For me I’m searching under users common name.
Group Search DN: ###Needed### The dn you need to start searching for Groups… For me I’m searching under the OU named Groups.
Admin Group: ###Not required if mobile group is set### This is the group that will be looked at for ldap to be scanning for “FOG Admins”
Mobile Group: ###Not required if admin is set### This is the group that will be looked at to allow “mobile” users. These users cannot login to the main dashboard but they can login to the mobile page.
Initial Template: Does not do anything to the DB store. Just a “template” holder.
User Nam Attribute, what field to search for user names.
Group member attribute, what field to search for groups.
Bind DN, Not required as user based element should be able to find.
Bind Password the bind dn password.
-
George helped me figure out what I was doing wrong. But what you posted Tom is very valuable.