[Freeipa-users] Trying To Connect FreeIPA with OKTA/OneLogin/Bitium
Chris Whittle
cwhittl at gmail.com
Thu Aug 7 18:21:49 UTC 2014
Thanks guys that works!
On Thu, Aug 7, 2014 at 12:22 PM, Lucas Yamanishi <lyamanishi at sesda3.com>
wrote:
> On 08/07/2014 12:18 PM, Chris Whittle wrote:
>
> I'm currently working on a trial with OKTA and have installed their
> server agent with no issues. Now I'm trying to map FreeIPA attributes with
> OKTA's
>
> I'm getting no entries found, which leads me to think I'm missing
> something
> [image: Inline image 1]
> [image: Inline image 2]
> [image: Inline image 3]
> Thanks!
>
>
> The objectClass values look incorrect. Try posixAccount and posixGroup
> for users and groups. Roles are groupOfNames, but that’s a little less
> specific and will match non-role entries without a search base.
>
> You can easily look up raw entries to check your mappings with commands
> like these (the —all and —raw options are available for all *-show
> commands, afaik):
>
> ipa user-show --all --raw $USER_NAME
> ipa group-show --all --raw $GROUP
> ipa role-show --all --raw $ROLE
>
> Or pure ldaputils:
>
> ldapsearch -LLL -YGSSAPI -b 'cn=users,cn=accounts,dc=example,dc=com' 'uid=$USER_NAME'
>
>
>
> --
> -----
> *question everything*learn something*answer nothing*
> ------------
> Lucas Yamanishi
> ------------------
> Systems Administrator, ADNET Systems, Inc.
> NASA Space and Earth Science Data Analysis (606.9)
> 7515 Mission Drive, Suite A100
> Lanham, MD 20706 * 301-352-4646 * 0xD354B2CB
>
>
> --
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go To http://freeipa.org for more info on the project
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20140807/d865a6c4/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/png
Size: 88448 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20140807/d865a6c4/attachment.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/png
Size: 103249 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20140807/d865a6c4/attachment-0001.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/png
Size: 89508 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20140807/d865a6c4/attachment-0002.png>
More information about the Freeipa-users
mailing list