[midPoint] Active Directory Authentication in midPoint
Konstantin Tikhonov
Konstantin.Tikhonov at veeam.com
Mon Apr 6 16:23:44 CEST 2020
Hello Guys,
Thanks a lot for help. We’ll try and I’ll get to you with feedback about results.
--
Best Regards,
Konstantin.
From: midPoint <midpoint-bounces at lists.evolveum.com> On Behalf Of Jason Everling
Sent: Monday, April 6, 2020 5:12 PM
To: midPoint General Discussion <midpoint at lists.evolveum.com>
Subject: Re: [midPoint] Active Directory Authentication in midPoint
Add this or create application.yml in midpoint.home
auth:
ldap:
host: ldaps://ldap.example.edu:3269/dc=example,dc=edu
manager: bindaccount at example.edu<mailto:bindaccount at example.edu>
password: Password
dn:
pattern: sAMAccountName={0}
search:
pattern: (sAMAccountName={0})
subtree: true
Then under JAVA_OPTS or however you defined -Dmidpoint.home,
append -Dspring.profiles.active=ldap
If you want to use a different attribute,
search:
pattern: (userPrincipalName={0})
naming-attr: sAMAccountName
subtree: true
From: Paulo Fernandes de Souza Junior<mailto:PFSJ at senado.leg.br>
Sent: Monday, April 6, 2020 8:15 AM
To: midPoint General Discussion<mailto:midpoint at lists.evolveum.com>
Subject: Re: [midPoint] Active Directory Authentication in midPoint
Hi Konstantin,
We are using AD authentication, just following the docs in https://wiki.evolveum.com/pages/viewpage.action?pageId=23167000, with success.
[],
Paulo Fernandes de Souza Jnior
NQPPPS
Senado Federal - PRODASEN
Fone: 61 3303.3924
De: midPoint <midpoint-bounces at lists.evolveum.com<mailto:midpoint-bounces at lists.evolveum.com>> em nome de Konstantin Tikhonov <Konstantin.Tikhonov at veeam.com<mailto:Konstantin.Tikhonov at veeam.com>>
Enviado: quinta-feira, 2 de abril de 2020 15:00
Para: midpoint at lists.evolveum.com<mailto:midpoint at lists.evolveum.com>
Assunto: [midPoint] Active Directory Authentication in midPoint
Hello.
We’re trying to configure Active Directory authentication (LDAP and SAML) in midPoint but facing various difficulties.
Could you please let us know if it’s possible that our users and admins use their AD accounts to log in midPoint? If yes could you please show the way haw we can do it?
Thanks a lot in advance.
--
Best Regards,
Konstantin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20200406/d9c01953/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 144 bytes
Desc: image001.png
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20200406/d9c01953/attachment.png>
More information about the midPoint
mailing list