Comments (4)
Hi,
does
printf "0 TACPLUS\n4 achurak\n49 INFO\n=\n" | env \
LDAP_SERVER_TYPE="generic" \
LDAP_HOSTS="x.x.x.x:389 x.x.x.x:389" \
LDAP_BASE="dc=example,dc=com" \
LDAP_USER="cn=user,dc=example,dc=com" \
LDAP_PASSWD="secret" \
FLAG_USE_MEMBEROF=1 \
TACACS_GROUP_PREFIX="tacacs_" \
USE_TLS=1 \
/usr/local/lib/mavis/mavis_tacplus_ldap.pl
display the memberOf DNs (attribute id: 1)?
Cheers,
Marc
from event-driven-servers.
Doesn't look like it:
0 TACPLUS
4 achurak
5 uid=achurak,ou=users,dc=example,dc=com
6 ACK
49 INFO
=0
But when I run ldapsearch
I do see my group membership:
# ldapsearch -x -H ldap://x.x.x.x -ZZ -b "dc=example,dc=com" -D 'cn=user,dc=example,dc=com' -W uid=achurak memberof
# extended LDIF
#
# LDAPv3
# base <dc=example,dc=com> with scope subtree
# filter: uid=achurak
# requesting: memberof
#
# achurak, users, example.com
dn: uid=achurak,ou=users,dc=example,dc=com
memberOf: cn=netadmins,ou=groups,dc=example,dc=com
# search result
search: 3
result: 0 Success
from event-driven-servers.
Hi Alexey,
your "netadmins" group doesn't match your TACACS_GROUP_PREFIX . Please try
setenv TACACS_GROUP_PREFIX = ""
Cheers,
Marc
from event-driven-servers.
It worked! Thanks so much, Marc!
I didn't realize it was a mandatory parameter and had to be set to ""
even if there's no prefix at all. I tried with it being unset and it didn't work either.
from event-driven-servers.
Related Issues (20)
- ldapmavis-mt doesn't pass all memberOf groups back to tac_plus-ng HOT 3
- shell login denied by ACL HOT 2
- Alternativ password If LDAP is temporary not available HOT 8
- tac_plus-ng: A device.tag reference in a profile script where no tag present on any device, will break tacacs HOT 1
- Tacacs+ Fortigate Accounting HOT 5
- Ldapmavis-mt doesn’t try to open new session to ldap server after inactivity HOT 7
- Unable to connect to server HOT 4
- tac_plus-ng SIGSEGV, Connection refused, Bad file descriptor HOT 8
- Tacacs behind AWS NLB HOT 6
- Sporadic TLS negotiation failures with Mavis LDAP backend HOT 6
- libfreeradius-client has been deprecated in favor of radcli HOT 5
- 编译中出现异常 HOT 2
- the error when i execute './configure tac_plus,'the following errors occurs HOT 1
- Connection refused HOT 3
- tacacs configuration file parsing failed with tac_plus-ng while with tac_plus it's working HOT 3
- tac_plus compile error HOT 1
- chap login failed (no clear text password set) HOT 2
- LDAP vendor lookup fails for Okta LDAP Interface HOT 3
- tac_plus-ng external-mt using libmavis-mt, doesn't fall through to fallback accounts when LDAP unavailable HOT 3
- Support for variable option LDAP sizelimit in libmavis-mt HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from event-driven-servers.