Why do I have to have samaccountname=KBOX_USER on every Search Filter for LDAP user authentication setups?
I have put in the proper Base DN for an AD security group that I want to make read only admins.
When I use ldap browser I can see the resulting users with a search filter of (member=*).
However when I put that into the Authentication screen and click apply it says KBOX_USER need to be part of Search Filter.
What does this mean?
I tried following the tip from kace.com on how to import a group but it did not work for me.
Example: For a specific group in Active Directory, you only want users in the Support Dept who are in the admin group to be able to logon and have admin rights in the K1000 appliance.
The User located in Active Directory is under support dept.kace.com
The Group in Active Directory is: admin.support.kace.com
To setup in the K1000 appliance LDAP authenication for the admin profile, the following parameters can be used:
1. Go to Settings -> Users Authentication -> Edit Mode -> Admin role
2. Search Base DN: cn=support dept,dc=kace, dc=com
The Search Base DN will identify the folder and subfolder to look into. It is a good practice to point to the location where the user is located.
3. Search Filter: (&(samaccountname=KBOX_USER)(memberOf=cn=admin,ou=support,dc=kace,dc=com))
The Search Filter will identifies with the properties of the account to search against
For this specific setup, it would only allow users in the group: cn=admin,ou=support,dc=kace,dc=com to logon to the K1000 appliance and receive admin rights.
There are no answers at this time