10-24-2009 03:58 PM - edited 02-21-2020 03:45 AM
Hi,
I've configured AD SSO and set "ldap lookup server" to none, and everything worked fine and put all users in the default role in the AD SSO configuration.
Now I need to configure different user roles based on user membership in AD. So I configured a lookup server and added it to the AD SSO server, then configured mapping rules and put the "memberof" attribute in LDAP. But it doesn't work. All users still log in to the default role, and it seems the LDAP lookup server and mapping rules don't receive the memberof attribute from AD.
Any suggestion would be much appreciated.
Thanks
Alex
10-24-2009 08:06 PM
Alex,
Check with Auth Test to see what attributes are being returned with your LDAP server.
Faisal
10-26-2009 02:30 PM
Hi Faisal,
In the Auth Test tab, I don't see AD SSO or the lookup server as a provider.
Thanks again,
Alex
10-26-2009 04:14 PM
Alex,
It depends on the version whether they would be visible or not, but you can also set up an LDAP lookup server with the same settings as your lookup server and do an auth test with that.
HTH,
Faisal
10-26-2009 11:02 PM
Alex,
Check your string: it must be "memberOf", with a capital "O". Also, there must be no spaces in between your search strings, e.g. CN=abcd,DN=abcd
Hope this helps,
Dan
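
The two checks suggested in this thread (attribute name capitalisation and stray spaces in the search string) can be run against the attributes an auth test returns. The sketch below is an added example, not code from any poster or from the product; it assumes the mapping rule compares names and values exactly, and the function names, group DN and sample attributes are constructed.

```python
import re

# Constructed sample of what an LDAP auth test might return for one user.
SAMPLE_ATTRS = {
    "cn": ["alex"],
    "memberOf": ["CN=NAC-Admins,OU=Groups,DC=example,DC=com"],
}

def strip_dn_spaces(text):
    """Drop whitespace around ',' and '=' but keep spaces inside values."""
    return re.sub(r"\s*([,=])\s*", r"\1", text.strip())

def lint_mapping_rule(rule_attr, rule_value, returned):
    """Explain why a role-mapping rule would fall through to the default role.

    rule_attr  -- attribute name typed into the mapping rule
    rule_value -- string the rule looks for inside the attribute value
    returned   -- dict of attribute name -> list of values from the lookup
    Assumption: the rule matches names and values exactly (case-sensitive).
    Returns a list of findings; an empty list means the rule would match.
    """
    findings = []
    values = returned.get(rule_attr)
    if values is None:
        # Is the same attribute present under a different capitalisation?
        near = [n for n in returned if n.lower() == rule_attr.lower()]
        if not near:
            return [f"attribute {rule_attr!r} not returned by the server"]
        findings.append(
            f"attribute name case: rule has {rule_attr!r}, server returned {near[0]!r}")
        values = returned[near[0]]
    if any(rule_value in v for v in values):
        return findings
    squeezed = strip_dn_spaces(rule_value)
    if squeezed != rule_value and any(squeezed in v for v in values):
        findings.append(f"spaces in search string: use {squeezed!r}")
    else:
        findings.append("no returned value contains the rule string")
    return findings

if __name__ == "__main__":
    for finding in lint_mapping_rule("memberof", "CN=NAC-Admins, OU=Groups", SAMPLE_ATTRS):
        print(finding)
```
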