[Freeipa-users] Trying To Connect FreeIPA with OKTA/OneLogin/Bitium

Dmitri Pal dpal at redhat.com
Fri Aug 8 20:23:12 UTC 2014 

On 08/07/2014 02:21 PM, Chris Whittle wrote:
> Thanks guys that works!


And what about HOWTO? ;-)


>
>
> On Thu, Aug 7, 2014 at 12:22 PM, Lucas Yamanishi 
> <lyamanishi at sesda3.com <mailto:lyamanishi at sesda3.com>> wrote:
>
>     On 08/07/2014 12:18 PM, Chris Whittle wrote:
>
>>     I'm currently working on a trial with OKTA and have installed
>>     their server agent with no issues.  Now I'm trying to map FreeIPA
>>     attributes with OKTA's
>>
>>     I'm getting no entries found, which leads me to think I'm missing
>>     something
>>     Inline image 1
>>     Inline image 2
>>     Inline image 3
>>     Thanks!
>>
>>
>     The objectClass values look incorrect. Try |posixAccount| and
>     |posixGroup| for users and groups. Roles are |groupOfNames|, but
>     that's a little less specific and will match non-role entries
>     without a search base.
>
>     You can easily look up raw entries to check your mappings with
>     commands like these (the ---all and ---raw options are available
>     for all *-show commands, afaik):
>
>     |ipa user-show --all --raw $USER_NAME
>     ipa group-show --all  --raw $GROUP
>     ipa role-show --all --raw $ROLE
>     |
>
>     Or pure ldaputils:
>
>     |  ldapsearch -LLL -YGSSAPI -b 'cn=users,cn=accounts,dc=example,dc=com' 'uid=$USER_NAME'
>     |
>
>     --
>     -----
>     *question everything*learn something*answer nothing*
>     ------------
>     Lucas Yamanishi
>     ------------------
>     Systems Administrator, ADNET Systems, Inc.
>     NASA Space and Earth Science Data Analysis (606.9)
>     7515 Mission Drive, Suite A100
>     Lanham, MD 20706 *301-352-4646  <tel:301-352-4646>  * 0xD354B2CB
>
>
>     --
>     Manage your subscription for the Freeipa-users mailing list:
>     https://www.redhat.com/mailman/listinfo/freeipa-users
>     Go To http://freeipa.org for more info on the project
>
>
>
>


-- 
Thank you,
Dmitri Pal

Sr. Engineering Manager IdM portfolio
Red Hat, Inc.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20140808/38231112/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/png
Size: 89508 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20140808/38231112/attachment.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/png
Size: 88448 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20140808/38231112/attachment-0001.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/png
Size: 103249 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20140808/38231112/attachment-0002.png>

More information about the Freeipa-users mailing list