Couple of questions with LDAP and SSO

Hi Fess team,

I would like to ask first if SSO with LDAP on Linux is available with FESS.
I could connect and authenticate with our LDAP server but now I want to configure SSO.
I tried this configuration but it didn’t work.
Admin/general page: (this works with manual authentication)

LDAP url: ldap://
base DN: dc=company,dc=com
bind DB: ldapbind
password: ****
User DN:
Account filter: (&(objectClass=user)(sAMAccountName=%s))
memberOf attribute: memberOf


Also, I want to make groups from LDAP/AD as Fess administrators, is that possible? I tried these configurations but all didn’t work.





Thanks in advance

If you need docs for SSO configuration, please contact Commercial support.
There is no docs on OSS.

authentication.admin.roles is comma separated value.
You can check roles in audit.log


We don’t have roles setup in our LDAP and no roles are being detected in audit.log, can’t I also point roles to OU=Group,DC=company,DC=com?
We’re still in the testing stage of the capabilities and features of FESS and not sure if we want to have commercial support yet, that’s why any help would be appreciated.

Your settings for Account Filter or memberOf might not be correct.

No we really don’t have roles setup on our AD.
I tried to configure the role.filter and role.base.dn properties with the same values for group.filter and group.base.dn but still couldn’t detect any roles.

Created OU=Roles and added a role, changed the role.filter and was able to see the role in audit.log already.
LDAP user can access the admin page now but you have to change the URL to /admin, the Administration link is not showing in the User Profile dropdown menu.

Also I’m getting a Page not found error when accessing the Dashboard using the LDAP account.