I was using 6.2.6 on production with BGmot patch. MS Active Directory as LDAP worked like a charm.
Due to necessity I updated to 6.2.9 and then 6.4.10
After update I set up JIT provisioning similar to what was set up in BGmot patch. This didn't work
So I tried different settings for 'Group name attribute' (CN or cn), 'User group membership attribute' (memberOf or memberof), tried to create differently spelled ldap groups (no spaces, no underscores, no capital letters). Didn't work either.
At the end of the day I set up fresh centos 9 + mysql + nginx + php-fpm host with 6.4.10 and made test setup as per https://blog.zabbix.com/just-in-time...ing-explained/
Unfortunately this didn't work either. Upgraded to 6.4.11 - no luck.
The most frustrating thing is when I press test button and try to test some login it authenticates and seems to detect group mapping OK.
Has anyone succeeded to set up working JIT provisioning with 6.4.10 or 6.4.11?
Appreciate your help in advance.
Due to necessity I updated to 6.2.9 and then 6.4.10
After update I set up JIT provisioning similar to what was set up in BGmot patch. This didn't work
So I tried different settings for 'Group name attribute' (CN or cn), 'User group membership attribute' (memberOf or memberof), tried to create differently spelled ldap groups (no spaces, no underscores, no capital letters). Didn't work either.
At the end of the day I set up fresh centos 9 + mysql + nginx + php-fpm host with 6.4.10 and made test setup as per https://blog.zabbix.com/just-in-time...ing-explained/
Unfortunately this didn't work either. Upgraded to 6.4.11 - no luck.
The most frustrating thing is when I press test button and try to test some login it authenticates and seems to detect group mapping OK.
Has anyone succeeded to set up working JIT provisioning with 6.4.10 or 6.4.11?
Appreciate your help in advance.
Comment