[j-nsp] SRX100 LDAP
Bikram Singh
sbikram at live.com
Wed Mar 19 15:30:26 EDT 2014
> set access ldap-options base-distinguished-name DC=tp,DC=ru
> set access ldap-options search search-filter sAMAccountName=
> set access ldap-options search admin-search distinguished-name
> cn=junos,dc=tp,dc=ru
> set access ldap-options search admin-search password
> "$9$k.TFtu1RcyAtWLX7VbfTQ3Ap"
> set access ldap-server 10.60.0.5 port 3268
>
> but it did not help :(((
What LDAP server are you using ? Can u change the search-filter (sAMAccountName=) to "cn="
I use openldap server and below is the working ldap config
profile Profile-1 {
authentication-order ldap;
ldap-options {
base-distinguished-name DC=Domain,DC=com;
search {
search-filter cn=;
admin-search {
distinguished-name cn=admin,dc=Domain,dc=com;
password "$9ccnjsgd89olsksio092oaP"; ## SECRET-DATA
}
}
}
ldap-server {
192.168.203.150 {
port 389;
source-address 192.168.203.200;
}
}
}
firewall-authentication {
web-authentication {
default-profile Profile-1;
banner {
success "LOGIN SUCCESSFULL";
}
}
traceoptions {
file web;
flag all;
}
}
show interfaces ge-0/0/1
unit 0 {
family inet {
address 192.168.203.200/24 {
preferred;
}
address 192.168.203.201/24 {
web-authentication http;
}
}
}
- Bikram
More information about the juniper-nsp
mailing list