LDAP Assistance with Active Directory

pon-raj · November 3, 2018, 8:29pm

Hi, I am having difficulty in getting RoR working with Active Directory for the below search filters:

userFilter="(&(sAMAccountName=%v)(objectcategory=user))"
groupFilter="(&(cn=%v)(objectcategory=group))"
userIdMap=“user:sAMAccountName”
groupIdMap="*:cn"
groupMemberIdMap=“memberOf:member” >

I would appreciate if you could help me to get this configured in readonlyrest.yml.

Thanks.

sscarduzio · November 6, 2018, 10:28pm

@pon-raj we need more info to help you.

the whole readonlyrest.yml settings
some ES logs for the requests you expected to be allowed, but are instead being “forbidden”
Please try to put Elasticsearch in debug logs mode, so you can have more info from the LDAP connector