ldap

问题 I have a complicated problem, exacerbated by the fact I don't really know where to start! Over the last few years, I've developed a number of php web-based systems. When I built them, our network was ropey at best, so I thought nothing of creating my own username/password stuff. Since then, our network has become a lot more robust, our admins have installed an ISA server for various other things and my apps are left as frustrating relics that people forget their passwords and are never sure

问题 I use debian 9 gitlab-ce 11.10.4-ce.0 omnibus install via apt openldap 2.4.44 ldap configuration Configured /etc/ldap/ldap.conf : BASE dc=serverX,dc=lan URI ldap://serverX.lan TLS_CACERT /etc/ssl/certs/ca-certificates.crt Configured /etc/gitlab/gitlab.rb : gitlab_rails['ldap_enabled'] = true gitlab_rails['ldap_servers'] = YAML.load <<-EOS label: 'Gitlab LDAP' host: '10.0.0.1' port: 389 uid: 'sAMAccountName' method: 'plain' # "tls" or "ssl" or "plain" bind_dn: 'cn=admin,ou=users,dc=serverX,dc

问题 I use debian 9 gitlab-ce 11.10.4-ce.0 omnibus install via apt openldap 2.4.44 ldap configuration Configured /etc/ldap/ldap.conf : BASE dc=serverX,dc=lan URI ldap://serverX.lan TLS_CACERT /etc/ssl/certs/ca-certificates.crt Configured /etc/gitlab/gitlab.rb : gitlab_rails['ldap_enabled'] = true gitlab_rails['ldap_servers'] = YAML.load <<-EOS label: 'Gitlab LDAP' host: '10.0.0.1' port: 389 uid: 'sAMAccountName' method: 'plain' # "tls" or "ssl" or "plain" bind_dn: 'cn=admin,ou=users,dc=serverX,dc

问题 I need a way to validate users within my organization (using LDAP and Active Directory) through IdentityServer3 and grant them access to a resource. IdentityServer3 appears to be an implementation framework of the OpenID Connect protocol which holds good for authentication and authorization. So far, I have been able to validate hard-coded users and get a JWT (JSON Web Token) access token using the InMemory implementation. Please refer to this example: https://rajdeep.io/2015/05/07/creating-a

问题 I have a Gitlab server installed somewhere, and I am trying to get it working for my AD users. I have the following configuration: label: 'LDAP' host: 'myserver.com' port: 389 #uid: '' method: 'plain' # "tls" or "ssl" or "plain" bind_dn: '' #password: '' active_directory: true allow_username_or_email_login: true block_auto_created_users: false base: '' user_filter: '' ## EE only group_base: '' admin_group: '' sync_ssh_keys: false But I can not login with provided settings. I am not very

问题 I'll first start with my setup. For this we have 2 servers Server1 is going to be used for all the sourcecode, files, etc.., And on Server2 we have all our user information and logins. Both servers are running on Centos 6.4 Now we want to setup a SVN repository on server1 thats working with apache (httpd) and has a LDAP authentication that uses accounts from server 2. Previously i set up a CVS repo aswel so i'm 100% sure ldap is working. My SVN repo is working as it should with apache, but i

问题 I know almost nothing about LDAP and even less about spring security but I am trying to configure a spring boot app to authenticate against an ldap instance and am stuck. I was given the ldap server name at adldap.company.com and base dn of dc=ad,dc=company,dc=com I have some python code that does a simple bind and works. LDAP_USERNAME = 'username@ad.company.com' LDAP_PASSWORD = 'password' base_dn = 'dc=ad,dc=company,dc=com' # not used for bind I guess, only search try: ldap_client = ldap

问题 I got a java keystore which I want to store in LDAP using userPKCS12 attribute. I already transfered the JKS keystore to PKCS12 keytool -importkeystore -srckeystore /opt/tomcat/conf/.keystore -destkeystore /tmp/tomcat.p12 -deststoretype PKCS12 How do I proceed to finally get the entries of this keystore into my LDIF-file? dn: cn=$name,$cn objectClass: top objectClass: inetorgPerson description: $name cn: $name sn: $name userPKCS12;binary::

问题 I setup an ApacheDS with default password-policy enabled. For testing proposes I locked a simple User (objectClass=Person extended with some custom User-objectClass) by entering the wrong credentials a number of times. As I expected the user was locked (error msg: user was permanently locked). The question now is: How to unlock the user again? Is there a better way then just deleting and adding again? I tried the same with an extended user (objectClass=pwdPolicy) but no pwd* attributes were

问题 Given a NT style account name (DOMAIN\UserName) is it possible to infer what the LDAP address for that domain is so that user info can be looked up? My scenario: I have an asp.net app running on IIS that accepts both anonymous and domain users. The anonymous users have to sign in but the domain users I check the server headers for the domain user name provided by IIS. I need to look up some info from active directory like email address etc. I have got this working if I supply the LDAP address