Role Mapping in User Realm w/ Authentication through M$ ADCS
I want some users to connect transparently to our Gateway using a certificate signed by our private PKI. The problem I'm facing is with the Role Mapping restriction where I want to use Group Membership.
The Certificate Auth Server looks for which value is: [email protected]. I can also use which value would then be: Valiere Jean-Christophe.
On the LDAP/AD Authentication server, I look for user entries using the following filter: samAccountName=, which value is: valiere.j-c. I could also use cn=, which value would then be: Valiere Jean-Christophe. The Group Membership filter is: cn= and Member Attribute is member.
Finally, the Subject of my Certificate is as below:
E = [email protected]
CN = Valiere Jean-Christophe
OU = SIT
OU = Administrator Accounts
OU = ORG
DC = DOMAIN
DC = tld
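
The lookup described in the post, as an added example that is not part of the original post and not the gateway's own code: it parses a Subject in the `KEY = value` layout quoted above, keeps the repeated OU and DC values, and builds the `cn=` user filter with RFC 4515 escaping so that a value taken from a certificate cannot change the shape of the LDAP filter. The function names and the placeholder e-mail address are assumptions.

```python
import re

# Constructed sample in the "KEY = value" per-line layout of the Subject
# quoted in the post; the e-mail address is a placeholder, not a real value.
SAMPLE_SUBJECT = """\
E = user@example.invalid
CN = Valiere Jean-Christophe
OU = SIT
OU = Administrator Accounts
OU = ORG
DC = DOMAIN
DC = tld
"""

_FILTER_SPECIALS = re.compile(r'[\\*()\x00]')


def parse_subject(text):
    """Return {attribute: [values]}, keeping repeated attributes (OU, DC) in order."""
    attrs = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        key, sep, value = line.partition("=")
        if not sep or not key.strip():
            raise ValueError(f"not a 'KEY = value' line: {line!r}")
        attrs.setdefault(key.strip().upper(), []).append(value.strip())
    return attrs


def escape_filter_value(value):
    """Escape the RFC 4515 special characters (backslash, *, parentheses, NUL) as hex."""
    return _FILTER_SPECIALS.sub(lambda m: "\\%02x" % ord(m.group()), value)


def user_filter(attrs, cert_attr="CN", ldap_attr="cn"):
    """Build (ldap_attr=<certificate value>); refuse a missing or repeated attribute."""
    values = attrs.get(cert_attr, [])
    if len(values) != 1:
        raise ValueError(f"expected exactly one {cert_attr}, got {len(values)}")
    return f"({ldap_attr}={escape_filter_value(values[0])})"


if __name__ == "__main__":
    subject = parse_subject(SAMPLE_SUBJECT)
    print(user_filter(subject))   # user lookup by certificate CN
    print(subject["OU"])          # all three OU values survive parsing
```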