Hi folks, I'm attempting to get our SA 2500 to authenticate against our OSX Open Directory architecture. I've been able to connect to the Open Directory architecture, but unfortunately it doesn't appear to be authenticating against the group I have created for VPN authentication. I'm hoping to find someone who has had experience in getting this configuration to work, or if someone is willing to school me a bit regarding the implementation and syntax of the search connection, I'd be very grateful. Currently our LDAP search base in Open Directory (as listed in the server admin/open directory settings) is dc=mycomputername,dc=local, and the filter is listed as cn=<user>. In the configuration page of the Juniper I put in the IP address, port (default) and test successfully. I put in the search base, but it fails to authenticate. My users are in another group called "mygroup", and I do not have the 'requires authentication to search' enabled. I've went as far as put the "mygroup" in the 'Determining Group Membership" section, by putting in the search base, then putting in the group on the filter line as cn=mygroup. Lastly, when I do put in the diradmin user/pass, it fails authentication....which is odd. I'm figuring that I have some syntax screwed up somewhere. Any help would be greatly appreciated.
... View more