Hi,

The problem is that it depends so much on the AD structure that it is difficult to cover all possible setups.

I think the best way to prepare the setup is to use an LDAP browser such as the LDAPExplorer tool:
* Install http://ldaptool.sourceforge.net/
* Ask your AD administrator for a UserDN that can be used to connect to the directory, such as:
CN=MyPowerUser,CN=Users,DC=myDomainPart1,DC=myDomainPart2,DC=myDomainPart3
* Check if SSL can be used or not (usually not using anonymous bind)
* Check the BaseDN that will be used, usually
DC=myDomainPart2,DC=myDomainPart3

Once connected with LDAPExplorer, browse the directory to check if you can see the users. If you can't, then:
* Double-check the search BaseDN, and try an "upper" BaseDN
* Double-check with your AD administrator that the CN=MyPowerUser account has the right to read the directory

Once you've done these tests, post your results on the list and we'll help define your best setup for OM.

My 2 cents,
Thibault
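
The "try an upper BaseDN" step above, as an added example that is not part of the original message: it lists the search bases to test, narrowest first, starting from the UserDN. The function names and the second sample DN are assumptions made up for this illustration.

```python
def split_dn(dn):
    """Split a DN into RDNs, honouring backslash-escaped commas (RFC 4514)."""
    rdns, cur, i = [], [], 0
    while i < len(dn):
        ch = dn[i]
        if ch == "\\" and i + 1 < len(dn):
            cur.append(dn[i:i + 2])   # keep the escape pair intact
            i += 2
            continue
        if ch == ",":
            rdns.append("".join(cur).strip())
            cur = []
        else:
            cur.append(ch)
        i += 1
    rdns.append("".join(cur).strip())
    return [r for r in rdns if r]


def candidate_base_dns(user_dn):
    """Return every parent of user_dn, narrowest first.

    Trying the narrowest base that still shows the users keeps the
    search scope (and what the bind account must be able to read) small.
    """
    rdns = split_dn(user_dn)
    return [",".join(rdns[i:]) for i in range(1, len(rdns))]


def is_domain_suffix(dn):
    """True when the DN consists only of DC= components."""
    return all(r.upper().startswith("DC=") for r in split_dn(dn))


if __name__ == "__main__":
    # UserDN as written in the message above
    user_dn = ("CN=MyPowerUser,CN=Users,DC=myDomainPart1,"
               "DC=myDomainPart2,DC=myDomainPart3")
    for base in candidate_base_dns(user_dn):
        kind = "domain suffix" if is_domain_suffix(base) else "container"
        print(f"{kind:14} {base}")
```

Each printed line is a BaseDN to enter in the LDAP browser, moving one level up only when the previous one does not show the users.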



On 24/10/2014 15:26, Peteris Krisjanis wrote:
Hi!

Is there well-defined know-how on how to connect OM with regular AD?

I have tried it in various configurations but no luck. So I would like
to understand what the recommended ways to do so are. It worked in OM 2, but
with the reworked LDAP support in OM 3 it stopped working for some reason.

Whatever I use (anonymous search and bind), I get a "not found" message in
the logs. When I try to authenticate, it fails to do so. I suspect some
security stuff is required and that's missing. But it worked with OM 2
for some strange reason.

Server is Windows Server 2012.

Respectfully, and thanks for all the hard work,
Peter.
