Security

last person joined: 7 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

LDAP query pointing to AD group failing

This thread has been viewed 1 times

  • 1.  LDAP query pointing to AD group failing

    Posted Oct 02, 2012 11:52 AM

    I'm trying to setup Captive Portal using LDAP authentication for users.  Originally I had the LDAP Base-DN pointing to an OU for its username lookup, which works fine.  But now I need to be able to point it directly to an Active Directory group for more granularity, but it's not working.

     

    I believe I have the syntax for the Base-DN correct, but I'm curious if anyone else has gotten this to work?  Or is Aruba simply not able to point directly to an AD group for LDAP authentication?

     

    the base-dn I'm using,

     

    CN=mygroup,OU=groupsou,OU=User Accounts,DC=mydomain,DC=ca

     

    Thanks!



  • 2.  RE: LDAP query pointing to AD group failing

    EMPLOYEE
    Posted Oct 08, 2012 08:27 AM
    @mmeyer wrote:

    I'm trying to setup Captive Portal using LDAP authentication for users.  Originally I had the LDAP Base-DN pointing to an OU for its username lookup, which works fine.  But now I need to be able to point it directly to an Active Directory group for more granularity, but it's not working.

     

    I believe I have the syntax for the Base-DN correct, but I'm curious if anyone else has gotten this to work?  Or is Aruba simply not able to point directly to an AD group for LDAP authentication?

     

    the base-dn I'm using,

     

    CN=mygroup,OU=groupsou,OU=User Accounts,DC=mydomain,DC=ca

     

    Thanks!

    No,

     

    You cannot point to an AD Group for LDAP authentication.  A Base-DN only refers to containers, NOT groups.  I would make your Base-DN DC=mydomain,DC=ca so that you can authenticate all users.