LDAP. Group found, but members not listed...or poor concept


In our environment we have 2 new Isilons of 6 nodes each. We'd like to implement LDAP authentication (LDAP provided by Windows 2012 AD) for management of the systems. We have successfully created an LDAPS provider.

Using a Query Filter for groups ("sAMAccountName=Value_of_the_Group"; in the advanced settings the Name attribute is set to sAMAccountName), the necessary AD group is found (seen in Membership in Roles, Groups tab).

However, we cannot authenticate, as no members are listed in the group details, i.e. the LDAP search successfully finds the group but doesn't identify its users.
Any clues why this is not working?

Or do we need to add each AD user individually, create a group inside OneFS and only then map it to a Role? In this case it is highly inconvenient and defeats the object of LDAP authentication...

