Security

Reply
Contributor II
Posts: 40
Registered: ‎03-05-2010

LDAP query pointing to AD group failing

I'm trying to setup Captive Portal using LDAP authentication for users.  Originally I had the LDAP Base-DN pointing to an OU for its username lookup, which works fine.  But now I need to be able to point it directly to an Active Directory group for more granularity, but it's not working.

 

I believe I have the syntax for the Base-DN correct, but I'm curious if anyone else has gotten this to work?  Or is Aruba simply not able to point directly to an AD group for LDAP authentication?

 

the base-dn I'm using,

 

CN=mygroup,OU=groupsou,OU=User Accounts,DC=mydomain,DC=ca

 

Thanks!

Guru Elite
Posts: 20,392
Registered: ‎03-29-2007

Re: LDAP query pointing to AD group failing


mmeyer wrote:

I'm trying to setup Captive Portal using LDAP authentication for users.  Originally I had the LDAP Base-DN pointing to an OU for its username lookup, which works fine.  But now I need to be able to point it directly to an Active Directory group for more granularity, but it's not working.

 

I believe I have the syntax for the Base-DN correct, but I'm curious if anyone else has gotten this to work?  Or is Aruba simply not able to point directly to an AD group for LDAP authentication?

 

the base-dn I'm using,

 

CN=mygroup,OU=groupsou,OU=User Accounts,DC=mydomain,DC=ca

 

Thanks!


No,

 

You cannot point to an AD Group for LDAP authentication.  A Base-DN only refers to containers, NOT groups.  I would make your Base-DN DC=mydomain,DC=ca so that you can authenticate all users. 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: