[Samba] Using Samba AD/DC as an Active Directory OAuth provider for OpenShift
vincent at cojot.name
Fri Aug 21 20:40:32 UTC 2020
On Fri, 21 Aug 2020, Rowland penny via samba wrote:
> This works for me:
>
> rowland@devstation:~$ sudo ldapsearch -H ldaps://dc01.samdom.example.com \
>     -D 'SAMDOM\Administrator' -w 'xxxxxxxxxx' -b 'dc=samdom,dc=example,dc=com' \
>     'memberof:1.2.840.113556.1.4.1941:=cn=Domain Admins,CN=Users,dc=samdom,dc=example,dc=com' | grep 'dn:'
> [sudo] password for rowland:
> dn: CN=Unix Admins,CN=Users,DC=samdom,DC=example,DC=com
> dn: CN=swanadmin,CN=Users,DC=samdom,DC=example,DC=com
> dn: CN=Rowland Penny,CN=Users,DC=samdom,DC=example,DC=com
> dn: CN=dhcpduser,CN=Users,DC=samdom,DC=example,DC=com
> dn: CN=Administrator,CN=Users,DC=samdom,DC=example,DC=com
>
> Rowland
You're right, this works here too:
ldapsearch -H ldaps://dc00.ad.lasthome.solace.krynn:636 -x -W \
    -D "raistlin@ad.lasthome.solace.krynn" \
    -b "dc=ad,dc=lasthome,dc=solace,dc=krynn" \
    'memberof:1.2.840.113556.1.4.1941:=cn=Domain Admins,CN=Users,dc=ad,dc=lasthome,dc=solace,dc=krynn' | grep 'dn:'
Enter LDAP Password:
dn: CN=raistlin,CN=Users,DC=ad,DC=lasthome,DC=solace,DC=krynn
dn: CN=Administrator,CN=Users,DC=ad,DC=lasthome,DC=solace,DC=krynn
So that must not be the problem, then. Do you see anything else that
stands out in the lines below?
augmentedActiveDirectory:
    groupsQuery:
        baseDN: "DC=ad,DC=lasthome,DC=solace,DC=krynn"
        scope: sub
        derefAliases: never
        pageSize: 0
        filter: (objectclass=group)
    groupUIDAttribute: primaryGroupID
    groupNameAttributes: [ cn ]
    groupMembershipAttributes: [ "memberof:1.2.840.113556.1.4.1941:" ]
    usersQuery:
        baseDN: "DC=ad,DC=lasthome,DC=solace,DC=krynn"
        scope: sub
        derefAliases: never
        filter: (objectclass=person)
        pageSize: 0
    userNameAttributes: [ "sAMAccountName" ]
Thanks Guys,
Vincent