my default ldap configuration in application-security.xml is
<ldap-authentication-provider
server-ref="ldap_server" group-search-filter="member={0}"
group-search-base="ou=groups" user-search-base="ou=users"
user-search-filter="uid={0}" group-role-attribute="cn"
user-dn-pattern="uid={0},ou=users" />
Now i have to integrate it with customer ldap server, so i asked for values of following attributes:
group-search-filter
group-search-base
user-search-base
user-search-filter
group-role-attribute
Now customer come back with following details and saying it works for some other third party software:
The current 3rd party setup:
LDAP Hostname - 10.0.1.213
Port - 636
Secure - Yes
Assume this means SSL
RDN (Bind DN / bind user) - %u@%d
LDAP Domain - ORGANIZATION.local
Bind Password - N/A
User Search Base - ou=users,ou=us,dc=ORGANIZATION,dc=local
User Search Scope - subtree
Now i should ask him that we do need group attributes as well ?
As per my understanding these attributes are required to extract group name, group member and username from ldap and customer has just provided with the user related attributes
We use spring ldap and this is my first time with ldap
Aucun commentaire:
Enregistrer un commentaire