> set access ldap-options base-distinguished-name DC=tp,DC=ru > set access ldap-options search search-filter sAMAccountName= > set access ldap-options search admin-search distinguished-name > cn=junos,dc=tp,dc=ru > set access ldap-options search admin-search password > "$9$k.TFtu1RcyAtWLX7VbfTQ3Ap" > set access ldap-server 10.60.0.5 port 3268 > > but it did not help :(((
What LDAP server are you using ? Can u change the search-filter (sAMAccountName=) to "cn=" I use openldap server and below is the working ldap config profile Profile-1 { authentication-order ldap; ldap-options { base-distinguished-name DC=Domain,DC=com; search { search-filter cn=; admin-search { distinguished-name cn=admin,dc=Domain,dc=com; password "$9ccnjsgd89olsksio092oaP"; ## SECRET-DATA } } } ldap-server { 192.168.203.150 { port 389; source-address 192.168.203.200; } } } firewall-authentication { web-authentication { default-profile Profile-1; banner { success "LOGIN SUCCESSFULL"; } } traceoptions { file web; flag all; } } show interfaces ge-0/0/1 unit 0 { family inet { address 192.168.203.200/24 { preferred; } address 192.168.203.201/24 { web-authentication http; } } } - Bikram _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp