cancel
Showing results for 
Search instead for 
Did you mean: 

Is it possible to use user attributes from a secondary auth server ?

SOLVED
RonG_
New Contributor

Is it possible to use user attributes from a secondary auth server ?

Hi,

I have setup a certificate server as primary auth server, and LDAP as secondary auth server. Both are working just fine.

I was wondering if there is a way to get userAttr variables that are present (and defined in the server catalog) on the secondary auth server ? I would like to use them in SSO policies.

I'm at it for a few hours now and don't seem to make any progres.

Kind regards,

1 ACCEPTED SOLUTION

Accepted Solutions
RonG_
New Contributor

Re: Is it possible to use user attributes from a secondary auth server ?

Hi,

Problem fixed.

I had already configured the ldap as an authorization server for the primary auth server. But was not using the correct syntax to approach the user attributes.

For those who are interested (and don't know it yet), the correct syntax is :

if ldap servername = GoLdap

If user attribute to approach = sAMAccountName

<<userAttr@GoLdap.sAMAccountName >

Kind regards

View solution in original post

4 REPLIES 4
zanyterp_
Respected Contributor

Re: Is it possible to use user attributes from a secondary auth server ?

I don't believe so. Would using LDAP in the authorization for primary work and then as secondary as well?

What does your policy trace show for user attributes currently?
RonG_
New Contributor

Re: Is it possible to use user attributes from a secondary auth server ?

Hi,

Problem fixed.

I had already configured the ldap as an authorization server for the primary auth server. But was not using the correct syntax to approach the user attributes.

For those who are interested (and don't know it yet), the correct syntax is :

if ldap servername = GoLdap

If user attribute to approach = sAMAccountName

<<userAttr@GoLdap.sAMAccountName >

Kind regards

View solution in original post

zanyterp_
Respected Contributor

Re: Is it possible to use user attributes from a secondary auth server ?

Very cool; thank you for sharing and sorry for being wrong.
morpheuss_
Contributor

Re: Is it possible to use user attributes from a secondary auth server ?

How did you map this to your role mapping cert attribute ?