I have a MS Active Directory that hold the following key attributes.
Distinguished Name: CN=LName\, FName,OU=Division,OU=Deptt,DC=company,DC=com ObjectClass: person ObjectClass: user memberOf: CN=AWS-Admin,CN=Users,DC=company,DC=com memberOf: CN=DC-Admin,CN=Users,DC=company,DC=com sAMAccountName: ab1234567
I want the authentication to be performed on ‘ab1234567’ and ‘password’. What should the configuration look like for achieving this? Here’s what I have and the error I am getting.
1.How or What tool do you recommend I use to check the LDAP configuration on Windows?I want to understand how to get the information like Muks
2. Where do I filter which user account has access to particular apps, through my Windows LDAP settings?
-I know there is a group filter in the ShinyProxy application.yml file however. Is this group filtering to a particular account done in the .yml file or in the LDAP.
Personally, I use the Apache Directory Studio, which can be downloaded either as a standalone application or as an Eclipse plugin.
You need to define groups in LDAP and put users in these groups.
This is usually done by adding uniqueMember=<userName> attributes to the LDAP group. The group-search-filter attribute in Shinyproxy is used to identify these LDAP attributes, and thus to find out who the members of the group are.
Then, in Shinyproxy’s configuration, you can grant groups access to apps, using the ldap-groups attribute of the app.
So that’s important to note: you grant access to groups, not to individual users.
Shinyproxy’s sample configuration uses the forumsys public test LDAP server, which you can read more about here: