[racktables-users] Re: AD groups do not work for Write permission.

  • From: "Manochehri, Tim" <Tim.Manochehri@xxxxxxxxxxxxxxxx>
  • To: <racktables-users@xxxxxxxxxxxxx>
  • Date: Thu, 11 Aug 2011 10:22:03 -0700

Well, our users are in various OUs... Not in a single OU.

So the base of "'search_dn' => 'OU=Users,DC=example,DC=com'," would
never work in our environment.
 
Any ideas?

Tim Manochehri
Sr. Unix Systems Engineer


-----Original Message-----
From: racktables-users-bounce@xxxxxxxxxxxxx 
[mailto:racktables-users-bounce@xxxxxxxxxxxxx] On Behalf Of Denis Ovsienko
Sent: Thursday, August 11, 2011 10:13 AM
To: racktables-users@xxxxxxxxxxxxx
Subject: [racktables-users] Re: AD groups do not work for Write permission.

11.08.2011, 21:04, "Manochehri, Tim" <Tim.Manochehri@xxxxxxxxxxxxxxxx>:
> Here is the LDAP_options section:
>
> $LDAP_options = array
> (
>         'server' => 'abc.acme.com',
>         'domain' => 'abc.acme.com',
>         'search_attr' => 'uid',
>         'group_attr' => 'memberof',
>         'cache_refresh' => 300,
>         'cache_retry' => 15,
>         'cache_expiry' => 600,
> );
>
> Authentication works fine. Just AD group membership is failing.

For the group membership to work, AD would require a different configuration 
(check out the sample AD config on the wiki). The matter is, LDAP search mode must 
work to get the group information from the server.

-- 
    Denis Ovsienko
