Forum Discussion
CirrusRemote Active Directory Authentication w/ e-mail address
Hey Guys, thank you very much for your help. @nitass your configuration is perfect and worked like a charm. I initially used the following lines, but it did not work even with the userprincipalname because I had the"user-template" configured.
root@(bigip1)(cfg-sync Standalone)(Active)(/Common)(tmos) list auth ldap system-auth auth ldap system-auth { bind-dn cn=administrator,cn=users,dc=f5demo,dc=com bind-pw $M$Xz$R6vSMU6JwXX/2bq2Cksu/g== login-attribute userprincipalname search-base-dn cn=users,dc=f5demo,dc=com servers { 192.168.1.100 } user-template %s@f5demo.com
My new configuration is just like yours.The "User-Template" should be left blank otherwise it will make the BIGIP to use only the userid instead of the combination userid + DN.
Working configurtion root@(bigip1)(cfg-sync Standalone)(Active)(/Common)(tmos) list auth ldap system-auth auth ldap system-auth { bind-dn cn=administrator,cn=users,dc=f5demo,dc=com bind-pw $M$vD$R97Nbf7gLgGgbO44TBHByA== login-attribute userprincipalname search-base-dn cn=users,dc=f5demo,dc=com servers { 192.168.1.100 }
 Thank you very much fellows ;)
MVPi think nitass pointed out the issue indeed William, you use Login LDAP attribute samaccountname and nitass uses userprincipalname. usually samaccountname is the old style login and userprincipalname the new style login.
