Hi.
Our LDAP server is on Windows 2003. GLPI is installed on a Linux server.
Our Active Directory configuration includes:
servidor: ldap://nameofserver.domain.com
port:3268
basedn: dc=domain,dc=com
rootdn: DOMAIN\administrator
pass: thepassword
fieldlogin: samaccountname
filter: (objectClass=*)
typeodsearch: user
groups: memberof
filtersearchgroups: (objectClass=user)
We get the confirmation that the configuration is OK.
But the problem is that we have users in different DCs and OUs.
It only works when we access users in the place where the domain admin is.
We have users in:
OU=domain,dc=domain,dc=com
OU=AAA,DC=AAA,dc=domain,dc=com
OU=BBB,DC=BBB,dc=domain,dc=com
OU=BBB,DC=BBB,dc=domain,dc=com
Can you help me?
Thanks to all.
Lcervantes
Hi Ircervantes,
Seems your settings aren't right. Guess that you should have redirected the port for LDAP talks, but I will give the answer with the standard one (meaning LDAP AD uses port 389).
Here is my setup for W2K3 A.D.:
Nom TOTO
Serveur ldap://192.168.1.9
LDAP Port (default=389) 389
Basedn dc=mydomain,dc=net
rootdn cn=administrator,ou=users,dc=mydomain,dc=net
Pass #password for administrator user#
fieldlogin samaccountname
filter (&(objectClass=user)(objectCategory=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
typeodsearch: user and group
groups from user: memberof
user's group : member
filtersearchgroups: (&(objectClass=group)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
Use DN for search YES
Name = sn, first name = givenname, e-mail = mail
Hope this will be helpful.
Hi Iveirman.
Your configuration is OK. I changed my configuration to yours, and I continue having the same problem.
If I try to search for users from the OU that the Administrator is in, NO problem.
But if I search for users in another OU, they are not found.
I think that the problem is in my Linux. It's possible that LDAP-PHP uses a specific library to function WELL.
Any ideas?
Thanks for all.
LCervantes
Don't know, as I'm working in a full M$ environment. I would suggest you have a look around: I remember having seen a topic specifically about Active Directory and the special needs it has (which is not the same as a simple LDAP).
I especially remember that under Linux systems, the default LDAP browsing works on a flat hierarchy, which means you are not able to recurse into sub organisational units. That's why I have set "use DN" to "yes" and defined my basedn at a top level that includes both the admin user (in the default users OU) and my normal user accounts.
Last point, but more about my own experiences with Linux-based systems: always put the user you will use for LDAP parsing in the default "users" OU of your AD.
Hope this will help you go further; do not hesitate to post back.
Cheers,
lveirman.
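Added example (not part of any post in this thread): a small Python model of the flat versus recursive search scope lveirman describes and of the user filter from his setup, run over constructed entries placed in the OUs listed in the first post. The entry names, the userAccountControl values and all function names are assumptions made for the illustration.

```python
# Added illustration: LDAP search scope plus the AD "account disabled" bit test.
# All entries are constructed samples; only the OU/DC layout comes from the thread.
UF_ACCOUNTDISABLE = 0x2  # the ":=2" in userAccountControl:1.2.840.113556.1.4.803:=2

def rdns(dn):
    """Split a DN into normalized RDNs (sample DNs contain no escaped commas)."""
    return [part.strip().lower() for part in dn.split(",") if part.strip()]

def in_scope(entry_dn, base_dn, scope):
    """scope: 'base' = the entry itself, 'one' = direct children, 'sub' = subtree."""
    entry, base = rdns(entry_dn), rdns(base_dn)
    depth = len(entry) - len(base)
    if depth < 0 or entry[depth:] != base:
        return False  # entry is not located under the base DN at all
    return {"base": depth == 0, "one": depth == 1, "sub": True}[scope]

def is_enabled_person(entry):
    """(&(objectClass=user)(objectCategory=person)(!(userAccountControl:...803:=2)))"""
    # Matching rule 1.2.840.113556.1.4.803 is a bitwise AND: true when all bits are set.
    disabled = (entry["userAccountControl"] & UF_ACCOUNTDISABLE) == UF_ACCOUNTDISABLE
    return ("user" in entry["objectClass"]
            and entry["objectCategory"] == "person"
            and not disabled)

def make_entry(dn, category, uac):
    classes = ["top", "person", "user"]
    if category == "computer":  # computer accounts also carry objectClass=user
        classes.append("computer")
    return {"dn": dn, "objectClass": classes,
            "objectCategory": category, "userAccountControl": uac}

DIRECTORY = [  # constructed sample entries
    make_entry("CN=Administrator,OU=domain,DC=domain,DC=com", "person", 512),
    make_entry("CN=Ana,OU=AAA,DC=AAA,DC=domain,DC=com", "person", 66048),
    make_entry("CN=Old User,OU=BBB,DC=BBB,DC=domain,DC=com", "person", 514),
    make_entry("CN=PC01,OU=BBB,DC=BBB,DC=domain,DC=com", "computer", 4096),
]

def search(base_dn, scope):
    """Return the DNs that are in scope and pass the enabled-person filter."""
    return [e["dn"] for e in DIRECTORY
            if in_scope(e["dn"], base_dn, scope) and is_enabled_person(e)]

if __name__ == "__main__":
    for base, scope in [("dc=domain,dc=com", "one"), ("dc=domain,dc=com", "sub"),
                        ("OU=domain,dc=domain,dc=com", "one")]:
        print(f"{scope:4} {base:30} -> {search(base, scope)}")
```

The model treats the directory as a single tree. In a real forest, DC=AAA,DC=domain,DC=com would be a child domain, which a domain controller of the parent answers on port 389 with a referral rather than entries, while the Global Catalog port 3268 from the first post covers every domain in the forest.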