LDAP Authentication Issues
Posted: Sun Nov 03, 2019 7:27 am
Hello,
I have some issues with LDAP authentication.
I created a local user, and mapped it to a AD test group with LDAP.
Then I changed the group mapping to a LDAP group that already had a lot of members.
The test user on AD can login, but does not get the home dir I used for the local user (D:/FTP/FTPRoot), but only the one I created as default (D:/FTP/Dummy) for the WINGFTPServer domain in LDAP Authentication settings.
So I have a few questions about LDAP authentication.
Is there a way I can check if the correct LDAP groups are retreived and applied?
Is there a limit of groups that WINGFTP server accepts from an LDAP query, or a max number of LDAP groups that can be returned when an user logs in?
If a user is a member of multiple LDAP groups, and several are mapped to local users, are the permissions merged, or is only 1 localuser profile applied, and which one will that be? The first in the list, or the last one?
Is there a limit on the length of the Distinghuished Name of the LDAP group what WingFTP server supports?
Is it possible to map serveral LDAP group to a single local user, or do they both need to be unique?
The reason I ask is that we have a multi Windows A.D. domain structure, with a lot of groups, and some users are member of multiple groups.
I have some issues with LDAP authentication.
I created a local user, and mapped it to a AD test group with LDAP.
Then I changed the group mapping to a LDAP group that already had a lot of members.
The test user on AD can login, but does not get the home dir I used for the local user (D:/FTP/FTPRoot), but only the one I created as default (D:/FTP/Dummy) for the WINGFTPServer domain in LDAP Authentication settings.
So I have a few questions about LDAP authentication.
Is there a way I can check if the correct LDAP groups are retreived and applied?
Is there a limit of groups that WINGFTP server accepts from an LDAP query, or a max number of LDAP groups that can be returned when an user logs in?
If a user is a member of multiple LDAP groups, and several are mapped to local users, are the permissions merged, or is only 1 localuser profile applied, and which one will that be? The first in the list, or the last one?
Is there a limit on the length of the Distinghuished Name of the LDAP group what WingFTP server supports?
Is it possible to map serveral LDAP group to a single local user, or do they both need to be unique?
The reason I ask is that we have a multi Windows A.D. domain structure, with a lot of groups, and some users are member of multiple groups.