Security

last person joined: 2 days ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Amigopod w/ sponsor email lookup

This thread has been viewed 0 times

  • 1.  Amigopod w/ sponsor email lookup

    Posted May 08, 2012 09:40 AM
      |   view attached

    New with the Amigopod, so warning in advance.

     

    I am trying on getting amigopod to do the do_ldap_lookup for the sponsor email and not having any luck. When I put in a good email address, the sponsor email address just errors with a red box around it.   I have attached screen shots of what is configured now.  Where would one look for any debug messages to figure out at what point it fails?

     

    Thanks! 

    Attachment(s)

    docx
    sponsor_ldap_lookup.docx   236 KB 1 version


  • 2.  RE: Amigopod w/ sponsor email lookup

    EMPLOYEE
    Posted May 08, 2012 11:08 AM

    Can you confirm that you configured the LDAP server for sponsor lookups?  Administrator > Operator Logins > Servers shows your LDAP servers.  Create or edit yours to enable Sponsor Lookups.  You should be able to test a lookup.

     

    If you are not on Amigopod 3.9, and are testing against AD, you may need to make sure your LDAP URL starts with 'ldap3://' versus just 'ldap://'.

     



  • 3.  RE: Amigopod w/ sponsor email lookup

    Posted May 08, 2012 11:34 AM

    I am running 3.7 with whatever the latest downloadable updates there are.

     

    I added the LDAP3 to the line and did a test from edit Authentication Server page and it came back.

     

    I also made sure that Use this server to look up sponsors during self-registration was already checked.

     

    I tried the guest portal and no avail, Your value did not match an existing account.



  • 4.  RE: Amigopod w/ sponsor email lookup

    EMPLOYEE
    Posted May 08, 2012 12:02 PM

    The lookups are an exact match.  Your portal test was entered exactly as you did on the lookup test?  I have never seen the lookup test pass and then the actual portal fail.

     

    On Administrator > Plugin Manager > Manage Plugins you will find LDAP Sponsor Lookup, and it will have a Configuration link under it.  You want Minimum Query Length to be 0, I believe it used to default to 3.  If it cannot be saved, contact support and ask to update to the latest release, 3.9.  Also make sure the Form Field matches the field on the portal.

     



  • 5.  RE: Amigopod w/ sponsor email lookup

    Posted May 08, 2012 12:36 PM
      |   view attached

    I have a ticket open to get to a newer version.  I can't change Minimum Query Length to the 0 value.  Do I have the LDAP lookup setup correct?  I have tried a couple iterations, but....

    Attachment(s)

    docx
    ldap_plugin.docx   73 KB 1 version


  • 6.  RE: Amigopod w/ sponsor email lookup
    Best Answer

    EMPLOYEE
    Posted May 08, 2012 01:58 PM

    No, that is not right. 

     

    do_ldap_lookup is simply a flag telling the server to do a lookup. 

     

    Form Field is the field to do the lookup on.  This defaults to sponsor_email though some people will use a full name or phone.  It just needs to be unique on your server.

     

    In the LDAP Server section it is going to ask for the field on your server to match our field against.  This is often 'mail'.

     

    Until you get past the 0 bug, I would set a high number here (100).

     

    The Attribute Matchings is for extra fields to get placed into the user object on save.  This is so you have a permanent relation to the sponsor.  Since you are matching on emails as it is, you do not need that line.  A common entry is:

     

    sponsor_name | cn