vLDAP and Filemaker Server

Answered

Comments

2 comments

  • Official comment
    Avatar
    Gary Gwin

    It doesn't look like the configuration is searching for groups/roles at OneLogin, that appears to be internal to the app. It appears to only be wanting to try to bind the user.

    OneLogin VLDAP doesn't require an admin/service account. Some clients do, but this one appears to give you the option.

    Try changing your search base to: 

    ou=users,dc=founderspark,dc=onelogin,dc=com

    VLDAP writes logs to debug that support personnel at OneLogin can use to help debug issues like this.

  • Avatar
    Robert Stark

    Just to be clear about what Im asking above... I do not wish to use my own ldap server. So no synchronization is required. I wanted this to be simple so I would use onelogin as my primary ldap server. So far, I cannot get this to work. So here are my specific questions

    1. Does vLDAP queries require the admin name and password?

    2. Does the search base look correct assuming that our subdomain is founderspark?

    3. Is there an vLDAP log I can look at to help troubleshoot?

    4. I'm assuming that groups query is case sensitive so I have named my groups with simple names (no spaces) in all lowercase. Should this be sufficient?

    5. Does this have to do possibliy with the way filemaker requests the group name? I was reading the "Handling Groups in LDAP" article and it talks about static and dynamic groups. Is this an issue with an overlay? I was thinking that that stuff had to do more about syncing with other directories than authenticating. Again, I'm new to LDAP so this stuff is not clear to me.

    Thanks

     

Please sign in to leave a comment.