Products
Solutions
Partners
Support
Company
Try Now
Pulse Secure Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
since ‎10-29-2017
‎10-29-2017
davidcardwell_
Occasional Contributor

Re: multi-value LDAP attribute with Term Serv

by in Pulse Connect Secure
‎07-19-2010 07:06:AM
‎07-19-2010 07:06:AM
I had never thought of that. It worked great. Thanks for the help everyone. David. ... View more

multi-value LDAP attribute with Term Serv

by in Pulse Connect Secure
‎07-16-2010 09:48:AM
‎07-16-2010 09:48:AM
I have a multi-value attrib in LDAP called "MySystems" and the term serv bookmarks work, but they are all named the same. An average user will have 2 or 3 values under this attribute so their view shows 3 bookmarks all called "MySystems". This is not very practical and neither is having a seperate attribute and profile for each host. Does anyone know how, or if it can fixed to present the user with specifics on the bookmark. The vaules in LDAP are the FQDN so if that could be appended to the bookmark for each host that would be sufficient. I followed http://kb.pulsesecure.net/index?page=content&id=KB14623&actp=search&searchid=1279298339897 to get this working in the first place. NOTE: the KB mentions the exact problem I am having. SA code: 6.5R5 users affected: >500 Thanks. ... View more

Re: SBR 5.4 with LDAP groups

by in Pulse Policy Secure
‎06-28-2010 03:25:PM
‎06-28-2010 03:25:PM
Ok, I figured out the LDAP server does not have the pointers from the user to the groups so I had to do a second search in the OU that contains groups and search for the the username. Now the problem I am having is that not all groups are returned. For example, user JBond is part of MYCOgroup, MYCOadmins, and MYCOall groups. When SBR queries the OU with groups I only get one group returned (MYCOadmins). How do I get all groups returned? Do I need to use LDAP scripts? Below is the output of the relevant ldapauth.aut sections and part of the logs. ========================= [Request] %UserName = User-Name ;%Password = userpassword ;Service-Type = ;%NASName = nameofnas ;%NASAddress = [Search/UserName] Base = ou=Users, ou=Internal, o=MYCO Scope = 2 Filter = uid=<User-Name> Attributes = UserAttrList Timeout = 20 %DN = dn UserCN = cn umbAccess = umbAccess OnFound = Group [Search/Group] Base = ou=ApplicationGroups,o=MYCO Scope = 2 Filter = member=<DN> Attributes = GroupAttrList Timeout = 20 LDAPGroups = dn OnFound = $accept [Attributes/UserAttrList] ;Filter-Id ;Session-Timeout ;thepasswordis uid cn MYCOgroup [Attributes/GroupAttrList] cn member [Response] %Profile = DATASEC Access-Values = MYCOgroup User-DN = %DN Class = LDAPGroups ========================== log 06/28/2010 16:18:55 LDAPAUTH: Setting variable User-Name = "JBond" 06/28/2010 16:18:55 LDAPAUTH: Bind succeeded for user "JBond", dn = "cn=JBond, ou=Users, ou=Internal, o=MYCO" 06/28/2010 16:18:55 LDAPAUTH: No elements, DoBind returning. 06/28/2010 16:18:55 LDAPAUTH: Performing search; base = ou=Users, ou=Internal, o=MYCO, scope = 2, filter = uid=JBond, attrs = uid,cn,MYCOgroup,loginGraceRemaining,loginGraceLimit 06/28/2010 16:18:55 LDAPAUTH: Search returned loginGraceLimit;loginGraceRemaining;MYCOgroup;cn;uid 06/28/2010 16:18:55 LDAPAUTH: Search returned DN = "cn=JBond,ou=Users,ou=Internal,o=MYCO" 06/28/2010 16:18:55 LDAPAUTH: Setting variable dn = "cn=JBond,ou=Users,ou=Internal,o=MYCO" 06/28/2010 16:18:55 LDAPAUTH: No elements, DoBind returning. 06/28/2010 16:18:55 LDAPAUTH: Performing search; base = ou=ApplicationGroups,o=MYCO, scope = 2, filter = member=cn=JBond,ou=Users,ou=Internal,o=MYCO, attrs = cn,member,loginGraceRemaining,loginGraceLimit 06/28/2010 16:18:55 LDAPAUTH: Search returned member;cn 06/28/2010 16:18:55 LDAPAUTH: Search returned DN = "cn=MYCOadmins,ou=ApplicationGroups,o=MYCO" 06/28/2010 16:18:55 LDAPAUTH: Authentication attempt = 0, user = JBond, server = s1 - Success 06/28/2010 16:18:55 Determined that JBond authenticated by plug-in module is the user 06/28/2010 16:18:55 Getting profile info for requesting user 06/28/2010 16:18:55 Merging saved attributes with user info 06/28/2010 16:18:55 Merging profile info with user info 06/28/2010 16:18:55 Comparing checklist items with user/profile items 06/28/2010 16:18:55 Appending echo values, if any 06/28/2010 16:18:55 User JBond being passed to attribute editing authentication methods 06/28/2010 16:18:55 Class subattribute: DistName : String Value = JBond 06/28/2010 16:18:55 Class subattribute: AuthType : String Value = 200 06/28/2010 16:18:55 Class subattribute: TransactionId : Value = 06/28/2010 16:18:55 000: 34bcb4df 73cb37e8 00000001 |4...s.7..... | 06/28/2010 16:18:55 Sent accept response for user JBond to client SSLVPN ... View more

Re: SBR 5.4 with LDAP groups

by in Pulse Policy Secure
‎06-23-2010 02:19:PM
‎06-23-2010 02:19:PM
Brian, I did what you suggested and I must be doing something wrong. I am under the assumption the groups are in LDAP under "objectClass" Below is a piece of my ldapauth.aut file. Does it look correct or no? [Request] %UserName = User-Name %objectclass = class ;%Password = userpassword ;Service-Type = ;%NASName = nameofnas ;%NASAddress = [Response] ;Filter-Id = ;loginGraceLimit = loginGraceLimit %Profile = %objectclass = class ;Session-Timeout = %FullName = Fullname ;%Password = userpassword [Search/DoLdapSearch] Base = ou=Users, ou=Internal, o=MYCO Scope = 2 Filter = uid=<User-Name> Attributes = AttrList Timeout = 20 %DN = dn [Attributes/AttrList] ;Filter-Id ;Session-Timeout ;thepasswordis objectClass ... View more

SBR 5.4 with LDAP groups

by in Pulse Policy Secure
‎06-23-2010 10:08:AM
‎06-23-2010 10:08:AM
I have SBR setup to auth users via Bind, but I can't pull any attributes from the LDAP server. For instance, I want a users group membership returned when they are authenticated, but I get nothing. I am using NTRadPing to test and the results are "Class=SBR2CL\ a bunch of hex" The SBR version is 5.4. If NTRadPing is not the best util to test this functionality on I can try a different one. The documentation is not helpful and I can't find much else about the setup for something like this. I have seen a few things about ldapauth.aut and the settings there, but it is not clear to me. Any suggestions, or where to start, would be appreciated. ... View more

Cluster Upgrade to 6.5

by in Pulse Connect Secure
‎05-04-2010 09:41:AM
‎05-04-2010 09:41:AM
I had a cluster running 6.0 in active/passive and want to go to 6.5. I disabled the clustering on the secondary unit, added a temp license, upgraded it to 6.5, and did all my testing. Now I want to upgrade the primary and re-enable the cluster. I would like to get some feed back on my procedure below. 1. backup the primary and secondary configs 2. Upgrade the primary(6.0) to the new code. 3. re-enable the cluster on the secondary, remove the temp lic, and let them sync. I don't see any major problems. There are a few things I am unsure of though. 1. If changes were made to the backup during testing will those changes get propagated to the primary? 2. How long will the outage be once the upgrade of the primary starts, and/or is there anyway to "hard failover" the SA? Feedback is appreciated. David. ... View more
Latest Tags
No tags yet
© 2017 Pulse Secure, LLC. Use of this website assumes acceptance of our Legal Notices and Privacy Policy. Pulse Secure has updated its Privacy Policy effective June 28, 2017.