[midPoint] Active Directory Authentication in midPoint

Konstantin Tikhonov Konstantin.Tikhonov at veeam.com
Mon Apr 6 16:23:44 CEST 2020


Hello Guys,

Thanks a lot for the help. We’ll try and I’ll get back to you with feedback about the results.

--
Best Regards,

Konstantin.

From: midPoint <midpoint-bounces at lists.evolveum.com> On Behalf Of Jason Everling
Sent: Monday, April 6, 2020 5:12 PM
To: midPoint General Discussion <midpoint at lists.evolveum.com>
Subject: Re: [midPoint] Active Directory Authentication in midPoint

Add this or create application.yml in midpoint.home

auth:
  ldap:
    host: ldaps://ldap.example.edu:3269/dc=example,dc=edu
    manager: bindaccount@example.edu
    password: Password
    dn:
      pattern: sAMAccountName={0}
    search:
      pattern: (sAMAccountName={0})
      subtree: true

Then under JAVA_OPTS or however you defined -Dmidpoint.home,
append -Dspring.profiles.active=ldap

If you want to use a different attribute,

    search:
      pattern: (userPrincipalName={0})
      naming-attr: sAMAccountName
      subtree: true


From: Paulo Fernandes de Souza Junior <PFSJ at senado.leg.br>
Sent: Monday, April 6, 2020 8:15 AM
To: midPoint General Discussion <midpoint at lists.evolveum.com>
Subject: Re: [midPoint] Active Directory Authentication in midPoint


Hi Konstantin,



We are using AD authentication, just following the docs in https://wiki.evolveum.com/pages/viewpage.action?pageId=23167000, with success.



[],


Paulo Fernandes de Souza Júnior
NQPPPS
Senado Federal - PRODASEN
Phone: 61 3303.3924


From: midPoint <midpoint-bounces at lists.evolveum.com> On Behalf Of Konstantin Tikhonov <Konstantin.Tikhonov at veeam.com>
Sent: Thursday, April 2, 2020 15:00
To: midpoint at lists.evolveum.com
Subject: [midPoint] Active Directory Authentication in midPoint

Hello.

We’re trying to configure Active Directory authentication (LDAP and SAML) in midPoint but are facing various difficulties.

Could you please let us know if it’s possible that our users and admins use their AD accounts to log in to midPoint? If yes, could you please show the way how we can do it?

Thanks a lot in advance.

--
Best Regards,

Konstantin

