Newer posts are loading.
You are at the newest post.
Click here to check if anything new just came in.

March 08 2011

Active Directory lacks memberOf attribute for unknown reason ..

Using a binduser with password to read from LDAP/AD is common. Using the memberOf=Group attribute for authing is common, too. Both in combination can be a major fuckup: when your binduser is seeing the whole LDAP tree, except the memberOf attributes. Ok, rewrite your authing. Ok, do that once, twice, more often .. for every single service changing ootb auth to something non common. No no no, I don't buy that.

Well, I searched for ages, but the I found a vague hint, that enabling

"Pre Windows 2000 Compatibility" 

might help. An really, this info is digged up from the bottoms of the interwebbs. Golden needle in a haystack!

Enable the darn stopid named checkbox, and hey, finally you binduser can read what you binduser should be able to read anyways.

Don't be the product, buy the product!

Schweinderl