Does anybody knows if windows 2008 active directory is supported by the VPN SSL solution for AAA?
AD 2008 support will be in 6.4 version of SA.
For current builds try setting up LDAP instance pointing to AD 2008. I have seen that work.
Thanks. Do you know when will have the 6.4 ?
6.4 is tentatively scheduled for end of March 2009.
Just installed SA4.5K with IVEOS 6.3 and 2008 AD - works just fine:
- set up the NTP server and DNS
- the Domain Controllers specified by name, not IP.
You might still get a message "cannot connect / join the domain", but at first user login it will join just fine. in the AD specified group you should see two entries: "ivename" and another entry with letters and numbers, the SA name - which you can change in the AD server page.
I'll try with the settings you've specified.
We are now in the middle of Implementing role mappings based on AD Global security groups under the the CN=Domain Users.
In the role mapping I chose groups and was able to search for and ad the groups. If found them with out a problem. However, It wouldn't allow a member of any of the groups to login.
I had to create a role mapping based on username. If anyone has any Ideas I'd be greatly appreciative. I know that 6.4 is coming out end of this month, but I'm sure I'm not the only one who's had a problem.