SSL client certificate LDAP Authentication Question
Hello both
Thank you for your responses, and apologies for the way I formatted my original post. I have managed to get it to work. For those reading this in the future, this is my final config:
ltm auth ssl-cc-ldap LAB-SSL-LDAP-CONFIG {
    admin-dn CN=Administrator,CN=Users,DC=lab,DC=com
    admin-password
    group-base CN=Sales,CN=Users,DC=lab,DC=com
    group-key sAMAccountName
    group-member-key member
    servers { }
    user-base CN=Users,DC=lab,DC=com
    user-key sAMAccountName
    valid-groups { Sales }
}
As you can see from my original post, I was missing some key attributes on the config, namely the Group Key and Group Member Key attributes. Once I added these in, it worked. I traced the flow using Wireshark and can see the LTM sending the search request to LDAP. If we take that request and try it manually using ldapsearch, it gives back a positive result. That command, for reference, is:
ldapsearch -H ldap:// -x -b DC=lab,DC=com -D CN=Administrator,CN=Users,DC=lab,DC=com -w "(&(member=CN=,CN=Users,DC=lab,DC=com)(sAMAccountName=Sales))"
Thank you
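As an added example (not the poster's or F5's code), the Python sketch below lints an ssl-cc-ldap stanza for the two attributes the post found missing and rebuilds the group-membership filter in the shape of the request quoted above, escaping DN values per RFC 4515 before they enter the filter. The sample stanza, the user DN `CN=jdoe,...` and all function names are constructed for illustration, and the filter layout is inferred only from the ldapsearch command in the post.

```python
# Constructed sample: the post's stanza with the two group attributes left out.
SAMPLE = """\
ltm auth ssl-cc-ldap LAB-SSL-LDAP-CONFIG {
    group-base CN=Sales,CN=Users,DC=lab,DC=com
    user-base CN=Users,DC=lab,DC=com
    user-key sAMAccountName
    valid-groups { Sales }
}"""

def parse_stanza(text):
    """Return {attribute: value} for the one-line attributes inside the stanza."""
    attrs = {}
    for line in text.splitlines()[1:]:          # skip the "ltm auth ... {" header
        parts = line.strip().split(None, 1)
        if not parts or parts[0] == "}":
            continue
        attrs[parts[0]] = parts[1] if len(parts) > 1 else ""
    return attrs

def valid_groups(attrs):
    """Group names listed in 'valid-groups { ... }'."""
    return attrs.get("valid-groups", "").strip("{} ").split()

def missing_group_keys(attrs):
    """Attributes needed for the group lookup that are absent or empty."""
    if not valid_groups(attrs):
        return []                                # no group restriction configured
    return [k for k in ("group-key", "group-member-key") if not attrs.get(k)]

def escape_filter_value(value):
    """RFC 4515 escaping so a DN cannot change the filter's structure."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\0" else c for c in value)

def group_filter(attrs, user_dn, group):
    """Filter shaped like the one in the post: (&(member=<user DN>)(key=<group>))."""
    return "(&(%s=%s)(%s=%s))" % (
        attrs["group-member-key"], escape_filter_value(user_dn),
        attrs["group-key"], escape_filter_value(group),
    )

if __name__ == "__main__":
    attrs = parse_stanza(SAMPLE)
    print("missing:", missing_group_keys(attrs))
    # Apply the fix described in the post, then show the resulting filter.
    attrs.update({"group-key": "sAMAccountName", "group-member-key": "member"})
    print(group_filter(attrs, "CN=jdoe,CN=Users,DC=lab,DC=com", "Sales"))
```
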