AAA Server Definition
I use OPENLDAP to authenticate my users in the VPN, however, while I have it working, it required me to shuffle my users around in the LDAP tree structure. Originally, I have users in subtrees based on the office they were based out of. As such, I have a branch named "Employees" with subtrees beneath for "Little Rock", "Baton Rouge", "Fayetteville", and "Chesterfield". I found out, however, that, while the LDAP search did search the subtrees fine, I could not filter the results as only authorized employees should be allowed to use the VPN. I found myself creating a new subtree called "VPN" and moving the authorized employees there as setting the baseDN to it, but that broke other item not related to the VPN. Is there a way to set a filter attribute, for example, an OU attribute as a filter. That way, only employees in the subtree with an OU=vpn would be returned?
Is the group Membership Attribute applicable here?
Is the group Membership Attribute applicable here?
0
All Replies
-
Hi @Froydor,
You can add ext-group-user user objects to identify groups based on these group identifier values.
Go to CONFIGURATION > Object > User/Group > User and click "Add".
The user type "ext-group-user" allows you to group users by the value of the group membership attribute configured for the AD or LDAP server.
See how you've made an impact in Zyxel Community this year!
https://bit.ly/Your2024Moments_Community0 -
@Zyxel_Emily
i found this question and i require also LDAP authentication on USG Firewalls but i found no document that show
- configure user authentication on the USG to get access to dedicated destinations
- configure admin access to the USG (like the local admin account on the USG).
Is there any document existing, how to establish user and admin authentication trough openldap (actuall version).
thx and gredards
Chris0
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 146 Nebula Ideas
- 96 Nebula Status and Incidents
- 5.7K Security
- 262 USG FLEX H Series
- 271 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.4K Consumer Product
- 249 Service & License
- 387 News and Release
- 84 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.5K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 73 Security Highlight