LDAP Assistance with Active Directory


(Raj) #1

Hi, I am having difficulty in getting RoR working with Active Directory for the below search filters:

userFilter="(&(sAMAccountName=%v)(objectcategory=user))"
groupFilter="(&(cn=%v)(objectcategory=group))"
userIdMap=“user:sAMAccountName”
groupIdMap="*:cn"
groupMemberIdMap=“memberOf:member” >

I would appreciate if you could help me to get this configured in readonlyrest.yml.

Thanks.


(Simone Scarduzio) #2

@pon-raj we need more info to help you.

  1. the whole readonlyrest.yml settings
  2. some ES logs for the requests you expected to be allowed, but are instead being “forbidden”
  3. Please try to put Elasticsearch in debug logs mode, so you can have more info from the LDAP connector