Forum Discussion
Anil_Anchuri_16
Jul 24, 2014 Nimbostratus
Hi,
I want to use AD authentication to log on to GTM. My configuration below is working fine at the OU level and user level. Now I want to use the same GTM with an AD security group, so that members of that group can log on to the GTM console based on the mentioned role (administrator/guest). Please help me configure this. I have tried memberOF=CN=IT_GTM_Admin,OU=all_SG,DC=domainname,DC=co,DC=in in the remote directory tree, but it's not working.
User Directory: Remote - Active Directory
Host : 10.43.x.x
Port: 389
Remote Directory Tree: CN=Users,DC=domainname,DC=co,DC=in
Scope: Sub
Bind DN: CN=gtmuser,CN=Users,DC=persistent,DC=co,DC=in
Check Member Attribute in Group: Enabled
SSL: Disabled
External Users:
Role: Administrator
Terminal Access: tmsh
- AlanTLR_151265 Jul 25, 2014 Nimbostratus
  Anil, does your bind DN (CN=gtmuser,CN=Users,DC=persistent,DC=co,DC=in) have access to the RDT (CN=Users,DC=domainname,DC=co,DC=in)? Typically, these would be within the same domain. Here you have specified [effectively] persistent.co.in and domainname.co.in. --Alan
- Anil_Anchuri_16 Jul 25, 2014 Nimbostratus
  Sorry, that was a typo; the domain name is persistent.co.in. Let me explain clearly: I have a user, gtmuser, and it is in the Indiausers OU and the GTM_admins group, and gtmuser is added to the gtm_admins group. If I specify Remote Directory Tree: CN=gtmuser,OU=Indiausers,DC=persistent,DC=co,DC=in, authentication works fine, and if I specify Remote Directory Tree: OU=Indiausers,DC=persistent,DC=co,DC=in, then all users who are in the Indiausers OU are able to log on to the GTM management console (either guest/administrator). The problem is that if I specify Remote Directory Tree: CN=GTM_admins,OU=SecurityGroups,DC=domainname,DC=co,DC=in (the DN for the group), then authentication does not work; it gives me a logon failed error. I cannot move those who are admins of GTM to any other OU; I have to use a security group. I need help on this ASAP.
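
Added example (not part of the thread and not F5 code): a small Python model of an LDAP subtree search over constructed entries named after the DNs in the thread. It shows why a group DN used as the search base matches no user entries, while an OU base combined with a memberOf check selects only the group's members; the directory contents and function names are assumptions.

```python
# Constructed sample directory modelled on the DNs in the thread (not real data).
OU_BASE = "OU=Indiausers,DC=persistent,DC=co,DC=in"
GROUP_DN = "CN=GTM_admins,OU=SecurityGroups,DC=persistent,DC=co,DC=in"

DIRECTORY = {
    "CN=gtmuser," + OU_BASE: {"objectClass": "user", "memberOf": [GROUP_DN]},
    "CN=otheruser," + OU_BASE: {"objectClass": "user", "memberOf": []},
    # A group is a leaf entry: it lists members by DN, it does not contain them.
    GROUP_DN: {"objectClass": "group", "member": ["CN=gtmuser," + OU_BASE]},
}


def rdns(dn):
    """Split a DN into normalized RDNs (sample DNs contain no escaped commas)."""
    return [part.strip().lower() for part in dn.split(",")]


def in_subtree(dn, base):
    """True when dn is the base entry itself or sits below it (scope: sub)."""
    d, b = rdns(dn), rdns(base)
    return len(d) >= len(b) and d[len(d) - len(b):] == b


def find_users(base, group_dn=None):
    """Subtree search for user entries under base, optionally requiring memberOf."""
    hits = []
    for dn, attrs in DIRECTORY.items():
        if attrs["objectClass"] != "user" or not in_subtree(dn, base):
            continue
        groups = [g.lower() for g in attrs.get("memberOf", [])]
        if group_dn is None or group_dn.lower() in groups:
            hits.append(dn)
    return sorted(hits)


if __name__ == "__main__":
    # OU as search base: every user in the OU is a candidate for logon.
    print("OU base:            ", find_users(OU_BASE))
    # Group DN as search base: no user entry lives under the group entry.
    print("Group DN as base:   ", find_users(GROUP_DN))
    # OU base plus a memberOf requirement: only group members remain.
    print("OU base + memberOf: ", find_users(OU_BASE, GROUP_DN))
```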