changed: set access ldap-options base-distinguished-name DC=tp,DC=ru set access ldap-options search search-filter sAMAccountName= set access ldap-options search admin-search distinguished-name cn=junos,dc=tp,dc=ru set access ldap-options search admin-search password "$9$k.TFtu1RcyAtWLX7VbfTQ3Ap" set access ldap-server 10.60.0.5 port 3268
but it did not help :((( 2014-03-18 17:32 GMT+06:00 Per Westerlund <p...@westerlund.se>: > I haven't done it myself (yet), but you probably need to define the > ldap-server directly under the stanza "access". In your profile TPAD you > just reference the ldap server with address 10.60.0.5, but you have not > defined it. When you define it, you can also specify what destination port > and source address to use. > > /Per > > 18 mar 2014 kl. 11:54 skrev Шепелев Андрей <xamalon...@gmail.com>: > > access { > profile TPAD { > authentication-order ldap; > ldap-options { > base-distinguished-name dc=tp,dc=ru; > search { > search-filter sAMAccountName=; > admin-search { > distinguished-name cn=junos,ou=users,dc=tp,dc=ru; > password "$9$NOdY4jHmfQFDjApuOREwY2oDi"; ## SECRET-DATA > } > } > } > ldap-server { > 10.60.0.5; > } > } > firewall-authentication { > pass-through { > default-profile TPAD; > } > web-authentication { > default-profile TPAD; > } > } > } > > > _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp