Active Directory - not getting group and users
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-30-2022 09:32 AM
The proxy is able to query Active Directory but as soon as I try and get users from a specific group it errors out:
[error] The Auth Proxy did not get results searching for users in DN DC=company,DC=org using the filter (&(|(memberof=CN=Duo Users,OU=Users,DC=company,DC=org))(|(&(objectClass=user)(objectCategory=person))(objectClass=inetOrgPerson)(objectClass=organizationalPerson))). It is likely that Duo would not be able to find specific users during authentication. Please confirm that DC=company,DC=org is the correct, fully qualified DN and that users should pass the filter.
[error] The Auth Proxy was not able to find the DN CN=Duo Users,OU=Users,DC=company,DC=org. Please confirm that DN exists and is accessible.
[ad_client]
host=10.1.1.2
host_2=10.1.1.3
service_account_username=duo
service_account_password=XXXXXXXXXXXX
search_dn=DC=company,DC=org
security_group_dn=CN=Duo Users,OU=Users,DC=company,DC=org
Once I remove the security_group_dn everything validates properly so I know it is binding to AD just fine.
Thank you for your help!
- Labels:
-
Authentication Proxy
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-30-2022 09:53 AM
Never mind, I overlooked the fact that the Users folder is actually a container and not an OU hah!
