Forum Discussion
CirrusRemote Active Directory Authentication w/ e-mail address
Hey Guys, thank you very much for your help. @nitass your configuration is perfect and worked like a charm. I initially used the following lines, but it did not work even with the userprincipalname because I had the"user-template" configured.
root@(bigip1)(cfg-sync Standalone)(Active)(/Common)(tmos) list auth ldap system-auth auth ldap system-auth { bind-dn cn=administrator,cn=users,dc=f5demo,dc=com bind-pw $M$Xz$R6vSMU6JwXX/2bq2Cksu/g== login-attribute userprincipalname search-base-dn cn=users,dc=f5demo,dc=com servers { 192.168.1.100 } user-template %s@f5demo.com
My new configuration is just like yours.The "User-Template" should be left blank otherwise it will make the BIGIP to use only the userid instead of the combination userid + DN.
Working configurtion root@(bigip1)(cfg-sync Standalone)(Active)(/Common)(tmos) list auth ldap system-auth auth ldap system-auth { bind-dn cn=administrator,cn=users,dc=f5demo,dc=com bind-pw $M$vD$R97Nbf7gLgGgbO44TBHByA== login-attribute userprincipalname search-base-dn cn=users,dc=f5demo,dc=com servers { 192.168.1.100 }
 Thank you very much fellows ;)
Employeethis is mine.
config
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list auth ldap system-auth
auth ldap system-auth {
bind-dn cn=administrator,cn=users,dc=abc,dc=com
bind-pw $M$g2$cTattFzOwB2DzL4ywm9bXQ==
login-attribute userprincipalname
search-base-dn cn=users,dc=abc,dc=com
servers { 172.28.24.5 }
}
test
login as: tasmania@abc.com
Using keyboard-interactive authentication.
Password:
Last login: Wed Aug 20 19:31:05 2014 from 192.168.207.69
tasmania@abc.com@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos)
