[j-nsp] SRX100 LDAP
Шепелев Андрей
xamalon4eg at gmail.com
Tue Mar 18 22:44:24 EDT 2014
changed:
set access ldap-options base-distinguished-name DC=tp,DC=ru
set access ldap-options search search-filter sAMAccountName=
set access ldap-options search admin-search distinguished-name
cn=junos,dc=tp,dc=ru
set access ldap-options search admin-search password
"$9$k.TFtu1RcyAtWLX7VbfTQ3Ap"
set access ldap-server 10.60.0.5 port 3268
but it did not help :(((
2014-03-18 17:32 GMT+06:00 Per Westerlund <p1 at westerlund.se>:
> I haven't done it myself (yet), but you probably need to define the
> ldap-server directly under the stanza "access". In your profile TPAD you
> just reference the ldap server with address 10.60.0.5, but you have not
> defined it. When you define it, you can also specify what destination port
> and source address to use.
>
> /Per
>
> 18 mar 2014 kl. 11:54 skrev Шепелев Андрей <xamalon4eg at gmail.com>:
>
> access {
> profile TPAD {
> authentication-order ldap;
> ldap-options {
> base-distinguished-name dc=tp,dc=ru;
> search {
> search-filter sAMAccountName=;
> admin-search {
> distinguished-name cn=junos,ou=users,dc=tp,dc=ru;
> password "$9$NOdY4jHmfQFDjApuOREwY2oDi"; ## SECRET-DATA
> }
> }
> }
> ldap-server {
> 10.60.0.5;
> }
> }
> firewall-authentication {
> pass-through {
> default-profile TPAD;
> }
> web-authentication {
> default-profile TPAD;
> }
> }
> }
>
>
>
More information about the juniper-nsp
mailing list