This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

edir authentication V7

I installed V7 with edir authentication.
Maybe there is a bug with edir authentication.

I enabled edir authentication.
context is ou=user,ou=technik,o=company
Thats ok.
After that I defined groups

Open groups --> new group
group name ALL
group type backend membership
backend edirectory
limit to backend groups membership enable
Now I can select some objects from my edir
I selected not a group instead that i used a container
I selected ou=user , so I thought if I do this, all user included at this container could managed via this group "ALL".

Next point I configured Web Security
http --> global
allowed networks "internal network"
operation mode edirectory SSO
user groups "ALL"

Now I tried to connect to internet, no success There will be displayed
a authentication window to type in user credentials.

If I define at users -->a group from edirectory (for example: buero)
and put this in at web security, all users included in this edir group
are allowed to connect to internet with SSO.

With version 6.303 it was ok to define a container and all users at this container could use internet via SSO.

Is this feature gone ?

This thread was automatically locked due to age.

Parents

0 mduran over 19 years ago

I've posted the same question a few weeks ago. Not one reply to it. My reseller also asked the same question but Astaro couldn't find an answer for him. Creating groups for all my users is a time consuming business for me.
Cancel
Vote Up 0 Vote Down

Cancel
0 boquinn over 19 years ago in reply to mduran

I don't know if this feature is gone altogether or if it will come back when we get a few more patches, but I can add another voice to the chorus saying that SSO just does not work with containers.

In our school setup, my goal was to use groups to allow and disallow student users, but simply use our staff containers to authorize the adults. Not having containers means I need one more group to handle the staff members.

I put together a perl script that, in combination with JRBUtilities, will automatically populate an eDir group from the users in a container and I am going to set it up to run daily with some of my other admin jobs so I won't have to think about the "internet access" group when I move and add users.
Cancel
Vote Up 0 Vote Down

Cancel
0 Gert Hansen over 19 years ago in reply to boquinn

Hi there,

i confirm that there is a bug in the eDirectory group mapping, that it currently does not support containers.
This will be fixed asap.

regards
Gert
Cancel
Vote Up 0 Vote Down

Cancel
0 mduran over 19 years ago in reply to Gert Hansen

Here,

Gert, that is just the right thing I wanted to hear.

Thanks.

P.s. When will edirectory fallback to ldap in 6.303 be fixed? [:)]
Cancel
Vote Up 0 Vote Down

Cancel
0 mwilmsen over 19 years ago in reply to mduran

Is this problem solved yet?
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 mwilmsen over 19 years ago in reply to mduran

Is this problem solved yet?
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 foster over 18 years ago in reply to mwilmsen

Hi there,

I use V6 with eDirectory SSO authentication and planed migrate to V7.

I configure V7 with eDirectory SSO as V6, but transparent authentication not worked :-(
Basic authentication with eDirectory work fine.

http://195.94.237.220/asg/Clip.jpg
http://195.94.237.220/asg/Clip_2.jpg
http://195.94.237.220/asg/Clip_3.jpg
Cancel
Vote Up 0 Vote Down

Cancel