-
Bug
-
Resolution: Unresolved
-
Minor
-
None
-
4.13, 4.14, 4.16
-
Quality / Stability / Reliability
-
False
-
-
5
-
Moderate
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
Description of problem:
No example configuration for Active Directory as an Identity Provider.
Version-Release number of selected component (if applicable):
All
How reproducible:
Always
Steps to Reproduce:
1. Try to configure an LDAP Identity Provider connected to Active Directory.
2.
3.
Actual results:
No documentation exists for sound defaults for Active Directory. Our competitors have simple and fast configuration defaults making this easier.
Expected results:
Quick ability to enter a few variables for sound defaults for Active Directory, preventing customers from having to troubleshoot multiple configuration options.
Additional info:
e.g. sAMAccountName as an LDAP field for preferredUsername is case sensitive in our code. Microsoft PowerShell Get-ADUser outputs it as "SamAccountName" https://learn.microsoft.com/en-us/powershell/module/activedirectory/get-aduser?view=windowsserver2022-ps
Among other things, what are good, sound defaults for "id", "name", and "preferredUsername", such as objectGUID, displayName or givenName, and sAMAccountName respectively?
Additionally, competitors use only a serviceacount name (e.g. svc_acct_1) and password, rather than a full serviceaccount bindDN (CN=svc_acct_1,OU=Finance,OU=UserAccounts,DC=FABRIKAM,DC=COM)
