Highlighted
Absent Member.. Absent Member..
Absent Member..
199 views

LDAP for Active Directory

Jump to solution

Hi Team,

 

There is a concept that I want to check here.

 

LDAP Integration Settings, there is a "Distinguished Name of Search-Entitled User", and the default is like following:

CN=AD Connector, CN=Users, DC=consult, DC=example, DC=com

 

First, what is distinguished Name of Search-Entitled User in the context of Active Directory?

 

Second, what is CN=AD Connector in the context of Active Directory?

 

Third, can it be skipped this CN=AD Connector and just put CN=Users, DC=consult, DC=example, DC=com for Distinguished Name of Search-Entitled User?

 

Thanks in advance.

0 Likes
1 Solution

Accepted Solutions
Highlighted
Micro Focus Expert
Micro Focus Expert

Re: LDAP for Active Directory

Jump to solution

Hello,

 

Here are the reply to your queries :

 

1. "Distinguished Name of Search-Entitled User" - Defines the DN for a user with search privileges on the LDAP server, that can convert users UID to the full DN. For an annonymous user, keep this entry blank and enable login and search privileges on the LDAP server. 

 

2. CN= AD Connector does not mean anything particular, it could have been CN=HomerSimpson, CN=Users, DC=…

     What is important here is to provide a DN for a user entitled to search the ldap.

 

3. I do not believe you can replace it by CN=Users, DC=consult, DC=example, DC=com, as this is not referring to a user, but a group.

 

Hope it answers your queries.

 

Regards,

Unni

“Micro Focus Support
If you find that this or any post resolves your issue, please be sure to mark it as an accepted solution.”

Click the KUDOS star to say 'Thanks'

View solution in original post

0 Likes
2 Replies
Highlighted
Micro Focus Expert
Micro Focus Expert

Re: LDAP for Active Directory

Jump to solution

Hello,

 

Let me check on this internally and get back to you.

 

Regards,

Unni

“Micro Focus Support
If you find that this or any post resolves your issue, please be sure to mark it as an accepted solution.”

Click the KUDOS star to say 'Thanks'
0 Likes
Highlighted
Micro Focus Expert
Micro Focus Expert

Re: LDAP for Active Directory

Jump to solution

Hello,

 

Here are the reply to your queries :

 

1. "Distinguished Name of Search-Entitled User" - Defines the DN for a user with search privileges on the LDAP server, that can convert users UID to the full DN. For an annonymous user, keep this entry blank and enable login and search privileges on the LDAP server. 

 

2. CN= AD Connector does not mean anything particular, it could have been CN=HomerSimpson, CN=Users, DC=…

     What is important here is to provide a DN for a user entitled to search the ldap.

 

3. I do not believe you can replace it by CN=Users, DC=consult, DC=example, DC=com, as this is not referring to a user, but a group.

 

Hope it answers your queries.

 

Regards,

Unni

“Micro Focus Support
If you find that this or any post resolves your issue, please be sure to mark it as an accepted solution.”

Click the KUDOS star to say 'Thanks'

View solution in original post

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.