Bob-O-Rama closed 5 years ago
Oh, and of course the grist of the title: I can see there are no attempts to hit LDAP for the existing users. I assume this is by design. If I type in a garbage User ID, one that does not exist, I see the LDAP module log in using the LDAP proxy creds provided and then it tries to look up the garbage user. I have also tried the .\username (why? IDK. Wishful thinking.), same results.
Go to http://mutonufoai.github.io/pgina/documentation/user.html and search for "pGina created".
Thanks for confirming.
I've been using pGINA and more recently pGINA.fork in some form forever. But I obviously don't understand how to get this to work with these newer versions after reading over the docs and looking at prior issues. And feeling more like an imbecile than normal.
Setup: W2012R2, no domain / no AD, several existing local accounts created by hand with garbage / random passwords. Running latest pGina.fork. I have LDAP and Local Machine plugins enabled for authentication and gateway. LDAP Plugin points to, you guessed it, LDAP and specifies UniqueID=%u for account naming purposes. So I assume that's all wrong... given that would have been it for the older releases I have used.
What I want to do is have the LDAP AUTH suffice to allow authentication against the local accounts.
OR
Blow away all these local user accounts and let pGINA create permanent local accounts.
(The reason I want to create the local accounts myself is that I do not necessarily want every LDAP account to work, and of the 3000 or so I have I need a random grouping of them - this also varies from box to box and not in a way that makes any sense for any rational human being. So better to force the admin to create a local account with the LDAP user ID rather than try to find a way to prevent pGINA from creating a bunch of spurious local accounts, or worse.)
Anyways, thanks for pGINA.fork and thanks in advance for any help.
-- Bob