Hi Fess Author,
I saw you have SSO AD function in FESS version 10.2.0.
But I tried configure it using admin account, there was no aera to configure password of LDAP baseDN.
So LDAP user can’t login FESS, could you please check it?
I think it is a bug of the system.
Looking forward for your fast reply!
For configuration, LDAP/AD authentication is different from SSO with LDAP/AD.
To configure LDAP/AD authentication without SSO:
- Type your LDAP/AD info at LDAP configuration of admin general page.
- Login as LDAP/AD user with the password on login page. (Therefore, Fess does not require LDAP password)
To configure LDAP/AD authentication with SSO:
- Type your LDAP/AD info and enable Login Required on admin general page.
- Modify the following values in fess_config.properties
- Login as user on Windows, and then access to Fess(you will be logged in as the same user automatically).
Sorry, misunderstanding, I think system with interface with LDAP may have password of administrator of LDAP server who manger and created LDAP accounts/passwords.
Without this, how the system verfity the database with LDAP server?
In other words, any system can connect to LDAP server without LDAP administrator verify firstly? it is very dangerous.
I tried the way you suggested, it doesn’t work. but other system using LDAP credential works.
ldap.admin.provider.url=ldap://localhost:1389 changed to remote LDAP server
ldap.admin.security.principal=cn=Directory Manager changed
Good news. The user in ldap.admin.security.principal=cn=Directory Manager changed can Access Fess, but it is LDAP administrator, not LDAP user. The LDAP user still can’t access FESS.
Okay, I’ll add password field to admin general page in next release.
If I configure LDAP/AD authentication with SSO will everybody have access to admin page?
I just wanna log searches of the user´s machine (LDAP authenticaded). Not guest user but LDAP User.
Please do not mix different questions in this issue.