search

ibm-ecm / container-samples

Instructions and sample files for deploying with Kubernetes.
24 stars 24 forks source link

Update AD example for samAccount Name or UPN or Mail #7

Closed TiloGit closed 6 months ago

TiloGit commented 5 years ago

https://github.com/ibm-ecm/container-samples/blob/c7fe7992091974df341dfb069c1f2c3262b216b5/CPE/configDropins/overrides/ldap_AD.xml#L11

The plain WLP example contains this for ldapType="Microsoft Active Directory" (sAMAccountName) https://www.ibm.com/support/knowledgecenter/SSEQTP_liberty/com.ibm.websphere.wlp.doc/ae/twlp_sec_ldap.html

<activedFilters
    userFilter="(&amp;(sAMAccountName=%v)(objectcategory=user))"
    groupFilter="(&amp;(cn=%v)(objectcategory=group))" 
    userIdMap="user:sAMAccountName" 
    groupIdMap="*:cn" 
    groupMemberIdMap="memberOf:member" >
</activedFilters>

Also GCD wizard default is objectcategory=user Could you please double check, also, is the groupMemberIdMap required?

Could you provide example for UPN and Mail as login attribute or combination.

Vincent-Le commented 4 years ago

@TiloGit - if you still need an answer for this question, please open a ticket/case with IBM support (they should be able to provide an answer from the product team)

TiloGit commented 4 years ago

I think examples for UPN and Mail as login attribute or combination would be useful.

jekahn commented 6 months ago

Closing this issue as no activity in 60 days.