[cas-user] CAS ldap against AD?

Wed, 13 Dec 2017 14:09:08 -0800 

I am a newbie to CAS.   I just installed 5.2 using Maven.   I successfully
logged in via the test account of causer.  But now I want to get ldap
against active directory working.  I successfully installed the
dependencies and that seems ok.  My issue is with configuring
cas.properties.   I read on-line that if I use type=AD, I need to use
dnFormat?   Is that true?   I don’t really understand how that entry should
look.



Also, I would like to use SSL or TLS.  Not sure if certs are necessary for
at least establishing encryption.  Can someone share with me the necessary
settings for getting ldap to auth against AD.  I seem to be struggling with
what I particularly need to get ldap to work against AD.  And if I need
dnFormat, I could use an example of how that should look.



Below is my config related to ldap.







cas.authn.ldap[0].type=AD



cas.authn.ldap[0].ldapUrl=ldaps://bcdc3.beloit.edu

cas.authn.ldap[0].connectionStrategy=

cas.authn.ldap[0].useSsl=true

cas.authn.ldap[0].useStartTls=false

cas.authn.ldap[0].connectTimeout=5000

cas.authn.ldap[0].subtreeSearch=true

cas.authn.ldap[0].baseDn=dc=its,dc=beloit,dc=edu

cas.authn.ldap[0].userFilter=cn={sAMAccountName}

cas.authn.ldap[0].bindDn=CN=ldapadmin,CN=Users,DC=its,DC=beloit,DC=edu

cas.authn.ldap[0].bindCredential=xxxxxxxx



#cas.authn.ldap[0].enhanceWithEntryResolver=false

#cas.authn.ldap[0].dnFormat=%s,dc=its,dc=beloit,dc=edu

#cas.authn.ldap[0].principalAttributeId=sAMAccountName

#cas.authn.ldap[0].principalAttributePassword=password





Tim Tyler

Network Engineer

Beloit College

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/22394f2759232d0a1e53c6d61f841f82%40mail.gmail.com.

Reply via email to