[Freeipa-users] Trying To Connect FreeIPA with OKTA/OneLogin/Bitium

Lucas Yamanishi lyamanishi at sesda3.com
Thu Aug 7 17:22:16 UTC 2014 

On 08/07/2014 12:18 PM, Chris Whittle wrote:

> I'm currently working on a trial with OKTA and have installed their
> server agent with no issues.  Now I'm trying to map FreeIPA attributes
> with OKTA's 
>
> I'm getting no entries found, which leads me to think I'm missing
> something
> Inline image 1
> Inline image 2
> Inline image 3
> Thanks!
>
>
The objectClass values look incorrect. Try |posixAccount| and
|posixGroup| for users and groups. Roles are |groupOfNames|, but that’s
a little less specific and will match non-role entries without a search
base.

You can easily look up raw entries to check your mappings with commands
like these (the —all and —raw options are available for all *-show
commands, afaik):

|ipa user-show --all --raw $USER_NAME
ipa group-show --all  --raw $GROUP
ipa role-show --all --raw $ROLE
|

Or pure ldaputils:

| ldapsearch -LLL -YGSSAPI -b 'cn=users,cn=accounts,dc=example,dc=com' 'uid=$USER_NAME'
|

​

--  
-----
*question everything*learn something*answer nothing*
------------
Lucas Yamanishi
------------------
Systems Administrator, ADNET Systems, Inc.
NASA Space and Earth Science Data Analysis (606.9)
7515 Mission Drive, Suite A100
Lanham, MD 20706 * 301-352-4646 * 0xD354B2CB

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20140807/8a94dd36/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/png
Size: 89508 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20140807/8a94dd36/attachment.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/png
Size: 88448 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20140807/8a94dd36/attachment-0001.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/png
Size: 103249 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20140807/8a94dd36/attachment-0002.png>

More information about the Freeipa-users mailing list