hi,
the foreman can not authenticate using external authentication using the api endpoints, apparently, which is a bit of a bummer.
It can do ldap, though, so the question is:
can I authenticate AD users using the compat tree in Idm? (rhel 7.7 by the way).
On ke, 25 maalis 2020, Natxo Asenjo via FreeIPA-users wrote:
hi,
the foreman can not authenticate using external authentication using the api endpoints, apparently, which is a bit of a bummer.
It can do ldap, though, so the question is:
can I authenticate AD users using the compat tree in Idm? (rhel 7.7 by the way).
Yes, if two conditions hold: - the entry in compat tree is first looked up - that entry DN is used for a bind DN
On Wed, Mar 25, 2020 at 9:53 PM Alexander Bokovoy abokovoy@redhat.com wrote:
On ke, 25 maalis 2020, Natxo Asenjo via FreeIPA-users wrote:
hi,
the foreman can not authenticate using external authentication using the api endpoints, apparently, which is a bit of a bummer.
It can do ldap, though, so the question is:
can I authenticate AD users using the compat tree in Idm? (rhel 7.7 by the way).
Yes, if two conditions hold:
- the entry in compat tree is first looked up
- that entry DN is used for a bind DN
thanks for your answer. Looks like we'll have to talk directly to the AD ldap servers then :-)
-- Groeten, natxo
freeipa-users@lists.fedorahosted.org