This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

LDAP Authentication by Attribute

Hi all,

I'm trying to get LDAP Authentication by Attribute to work.

This my configuration:
Windows 2003 Server (DC)
Astaro Release 5.004

If I use the LDAP Authentication without Attributes all user of the DC can use the HTTP-Proxy. This I don't want.

So first I have created a security Group on the DC with the name "HTTP_User".

After that I have activated "LDAP Authentication by Attribute" and add a entry for HTTP:
Service: HTTP
AttributeName: HTTP_User
AttributeValue: CN=HTTP_User,CN=Builtin,DC=companyXY,DC=de

After that no useres get access to the HTTP-Service!

I get this log entrys:
2004:05:18-13:14:36 (none) aua[2456]: LDAP method failed U: firstname.lastname
2004:05:18-13:14:36 (none) aua[2456]: U:firstname.lastname F:http R[:D]ENY

And the browser returs this:

The following error was encountered:
Cache Access Denied.

What is my mistake?

Any idea?

TIA
Marc

This thread was automatically locked due to age.

Parents

0 michael over 21 years ago

Hi Marc ..
change the attribute name from http_user to memberof.
This is the correct filter attribute if you are using Active Directory and should contain the attribute value CN=HTTP_User,CN=Builtin,DC=companyXY,DC=de

michal
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 michael over 21 years ago

Hi Marc ..
change the attribute name from http_user to memberof.
This is the correct filter attribute if you are using Active Directory and should contain the attribute value CN=HTTP_User,CN=Builtin,DC=companyXY,DC=de

michal
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 initB10r over 21 years ago in reply to michael

It works [:)] - Thanks

By the way. Can you tell me exactly, on which objects the user(Bind DN) need rights?

TIA
Marc
Cancel
Vote Up 0 Vote Down

Cancel