Hi, I am not sure whether this is a configuration issue, bug, or an enhancement request:
We have a customer with AD/LDAP on which we have connected the CSS for user authentication.
The main user (cn) credentials are in ou=Users, o=Customer. So apparently this ou is on top level.
There are special account we would like to grant access as well. A certain group resides in
Also a Users ou, but in another branch.
I can not figure out how to combine this in CSS. In the User Settings Search base, I can not combine (with OR) the DN's. And CSS apparently does not retrieve from all ou's named Users.
I I use the Softerra LDAP browser, I can do a Directory Search with Search DN: ou=Users, and it will return users from any/both Users ou's. CSS does not.
If I change the User search base to ou=Services instead of Users, it will find the users in ou=Users,ou=e-Directory,ou=Services,o=Customer
Is it possible to use two or more locations somehow?
Or how do I specify to search from top level? Apparantly I can not use o=Customer as search base:
LDAP error when performing search: Unable to complete LDAP query, error in name/search base.
Actually CSS should find users from all ou=Users occurances, just like Softerra does. That might be an enhancement request.
LDAP server type: Other
LDAP server type: o=Customer
User group membership
Test search on username in second ou:
LDAP error when performing search: Could not find LDAP user with username: [specialuser] with LDAP URL: [ldaps://ldap.customer.org:636/o=customer], with usernameAttribute: [uid] and userSearchBase: [ou=Users].
CSS install process hanging 2 Answers
DCRUM HA & FO Technical Overview 5 Answers