[Freeipa-users] FreeIPA and Pulse Secure (Juniper SSLVPN)
CFMS Support
support at cfms.org.uk
Tue Jan 12 10:09:37 UTC 2016
Hi Alexander,
Brilliant thanks. I still don't seem to be able to see any users, and
cannot sign in as a user from one of the groups that I can see.
Do you have any ideas about groups, I'm only picking up 8 static groups
when Member Attribute is set to memberof (Filter is cn=<GROUPNAME> and DN
is cn=groups,cn=accounts)
Kind Regards,
Josh Cullum
On Tue, Jan 12, 2016 at 9:55 AM Alexander Bokovoy <abokovoy at redhat.com>
wrote:
> On Tue, 12 Jan 2016, CFMS Support wrote:
> >Hi All,
> >
> >New to the mailing list, fairly new to IPA. We have three IPA servers in a
> >cluster in a staging environment.
> >
> >We're looking to replace AD with IPA as we are mostly Linux based and we
> >have just bought some new Pulse Secure Appliances to replace our aging
> >Juniper SA devices.
> >
> >With a migration to IPA currently being staged, the PSA devices have been
> >added to the staging environment so that we can provide them with
> Directory
> >access. Unfortunately, we seem to be having some problems with the
> >configuration of both (Pulse Secure are also working with us) to allow the
> >directory contents to be searched. The connection between the devices and
> >the IPA cluster are fine, it's more the LDAP binding that seems to be the
> >problem.
> >
> >The following is the configuration from the pulse secure device:
> There are some incorrectly set options:
>
> - change to use StartTLS, not unencrypted connection
> - finding user entries requires 'uid=<USER>' filter
>
>
> --
> / Alexander Bokovoy
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160112/604859a3/attachment.htm>
More information about the Freeipa-users
mailing list