I am trying to use an AD group as the authentication method for Virtualization Manager, I can get the AD portion working without much issue but it looks like I will have to use an LDAP query in-order to pull specific groups from AD.
I have tried multiple different search strings and have not been able to get it to work, for instance:
Search Filter - (&(objectCategory=user)(memberOf=CN=SECURITY GROUP,OU=1st Folder,OU=2nd Folder))
Search Base - dc=domain, dc=com
I have a bind user/PW and server that we use for other LDAP queries with success, any help would be great!
The "search filter" value in the Add/Edit authentication server dialog specifies the property name which is used to find the user name. The text entered to this field is used to generate the search filter: '=' and the user name is appended (in form of searchFilter=userName).
When you specify "cn" as search filter and try to login in as "domain/John", the search filter sent to LDAP server is: "cn=John".
This means that you can't specify complex search filters with current version of VMAN (6.1.1). We have created a feature request to support complex search filters.
Thanks ... It is kind of odd for this to work in this manner. Yes I have contacted support. They expressed the same response and suggested AD authentication, which works BUT is not all practical. I guess we will have to way for the next release, and hopefully they will fix this bug
Thanks for your reply!
SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 150,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.