I haven’t done it myself (yet), but you probably need to define the ldap-server
directly under the stanza ”access”. In your profile TPAD you just reference the
ldap server with address 10.60.0.5, but you have not defined it. When you
define it, you can also specify what destination port and source address to use.
/Per
18 mar 2014 kl. 11:54 skrev Шепелев Андрей <xamalon...@gmail.com>:
> access {
> profile TPAD {
> authentication-order ldap;
> ldap-options {
> base-distinguished-name dc=tp,dc=ru;
> search {
> search-filter sAMAccountName=;
> admin-search {
> distinguished-name cn=junos,ou=users,dc=tp,dc=ru;
> password "$9$NOdY4jHmfQFDjApuOREwY2oDi"; ## SECRET-DATA
> }
> }
> }
> ldap-server {
> 10.60.0.5;
> }
> }
> firewall-authentication {
> pass-through {
> default-profile TPAD;
> }
> web-authentication {
> default-profile TPAD;
> }
> }
> }
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
