[389-users] Re: SSO and 389

2022-01-26 Thread N R
Hi, I've done some SAML SSO integrations and work regularly with FreeIPA. SSO is usually handled via a protocol like SAML, OpenID or Shibboleth, FreeIPA only serves as LDAP Identity database in these architectures. Our deployments used a "proxy" to handle these authentications and link them with

[389-users] Re: ACI with groupdn to target multiple groups

2021-02-08 Thread N R
Hi everyone, Thanks to Ludwig's indications, I've been able to get the behaviour I expected, using the filter with this ACI: (targetattr = "*") (target = "ldap:///cn=proxy,ou=Servers,dc=domain,dc=tld;) (version 3.0; acl "Allow only groups members to query this object"; allow (all) (groupdn =

[389-users] Re: ACI with groupdn to target multiple groups

2021-02-04 Thread N R
search: 2 result: 0 Success # numResponses: 5 # numEntries: 4 I'll try using ACI with the filter as you suggested and take a look at the logs, maybe I'll be luckier. Thanks for your help! Cheers, Nicolas 2021-02-03 19:07 UTC+01:00, Ludwig Krispenz : > > On 03.02.21 16:23, N R wrote:

[389-users] ACI with groupdn to target multiple groups

2021-02-03 Thread N R
Hi everyone, I'm not an English native speaker, so please forgive me if there's mistakes in this e-mail. OS : Fedora 30 389ds version / build number : 1.4.1.14 / 2020.023.2226 I'm struggling with ACI and despite hours of documentation reading, I don't understand how to make it work as I want.

[389-users] Re: 389ds and dual stack IPV4/6, also...

2020-02-28 Thread N R
ot;annuaire.telerys.infra" to both "cn=config" parameters mentioned by Mark : nsslapd-listenhost: annuaire.telerys.infra nsslapd-securelistenhost: annuaire.telerys.infra Beswt regards, Nick Rand 2020-02-28 2:53 UTC+01:00, William Brown : > > >> On 28 Feb 2020, at 01:54, N R

[389-users] Re: 389ds and dual stack IPV4/6, also...

2020-02-27 Thread N R
I've been able to find what was wrong in my configuration, I had a typo in the /etc/hosts file. ^_^' Thank you a lot for your time and your precious advices. Best regards, Nick Rand 2020-02-27 16:25 UTC+01:00, Mark Reynolds : > > On 2/27/20 10:13 AM, N R wrote: >> Hi Mark, >>

[389-users] Re: 389ds and dual stack IPV4/6, also...

2020-02-27 Thread N R
285/ns-slapd Why is the service always listening for IPV6 on port 636 whatever the parameter is set to? Best regards, Nick rand 2020-02-27 14:10 UTC+01:00, Mark Reynolds : > > On 2/27/20 8:03 AM, Mark Reynolds wrote: >> >> On 2/27/20 5:30 AM, N R wrote: >>> H

[389-users] 389ds and dual stack IPV4/6

2020-02-27 Thread N R
Hello all, It's my first message on this list thanks in advance for your answers. I've configured a 389ds instance with ipv6 address and it's working great with it. I need for this instance to be reachable via ipv4 also but despite hours of research on the web and the archive of the list, I