LDAP authentication problems


Sean Whalen

Feb 5, 2017, 8:39:29 PM
to Neo4j
Hi all,

I've configured LDAP support as described here https://neo4j.com/docs/operations-manual/current/security/authentication-authorization/ldap-integration/ but LDAP login isn't working, and native auth still works. Any ideas? I don't have enterprise neo4j, so I don't have a security log to check.

Here's the configuration:


# Turn on security
dbms.security.auth_enabled=true

# Choose LDAP connector as security provider for both authentication and authorization
dbms.security.auth_provider=ldap

# Configure LDAP to point to the AD server
dbms.security.ldap.host=ldap://dc.example.net

# Provide details on user structure within the LDAP system:
dbms.security.ldap.authentication.user_dn_template={0}@example.net
dbms.security.ldap.authorization.user_search_base=cn=dc=example,dc=net
dbms.security.ldap.authorization.user_search_filter=(&(objectClass=*)(sAMAccountName={0}))
dbms.security.ldap.authorization.group_membership_attributes=memberOf

# Configure the actual mapping between groups in the LDAP system and roles in Neo4j
dbms.security.ldap.authorization.group_to_role_mapping=\
  "CN=A-BloodHound-RO,OU=Application Groups,OU=Users and Groups,DC=example,DC=net"      = reader       ;\
  "CN=P-BloodHound-Admin,OU=Privileged Groups,OU=Users and Groups,DC=example,DC=net"  = admin
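
An added example, not part of the original post and not Neo4j's own code: a Python review of the settings posted above that resolves the backslash-continued group_to_role_mapping into group-to-role pairs and flags an LDAP bind that would travel without TLS. The function names and finding labels are assumptions of this example, it assumes no ';' occurs inside a group DN, and dbms.security.ldap.use_starttls is a Neo4j setting that does not appear in the post.

```python
# Added example: review the LDAP settings of a neo4j.conf before deployment.
MAPPING_KEY = "dbms.security.ldap.authorization.group_to_role_mapping"

# Constructed sample: settings copied from the post above.
SAMPLE_CONF = r'''
# Turn on security
dbms.security.auth_enabled=true
dbms.security.auth_provider=ldap
dbms.security.ldap.host=ldap://dc.example.net
dbms.security.ldap.authorization.group_to_role_mapping=\
  "CN=A-BloodHound-RO,OU=Application Groups,OU=Users and Groups,DC=example,DC=net"      = reader       ;\
  "CN=P-BloodHound-Admin,OU=Privileged Groups,OU=Users and Groups,DC=example,DC=net"  = admin
'''

def parse_conf(text):
    """Return {key: value}, joining lines that end in a backslash."""
    settings, pending = {}, ""
    for raw in text.splitlines():
        line = pending + raw.strip()
        if line.endswith("\\"):
            pending = line[:-1]
            continue
        pending = ""
        if line and not line.startswith("#"):
            key, _, value = line.partition("=")
            settings[key.strip()] = value.strip()
    return settings

def parse_role_mapping(value):
    """Return {group DN: [roles]} from a ';'-separated list of "DN" = role,role."""
    mapping = {}
    for entry in (e.strip() for e in value.split(";")):
        if entry:
            # A DN contains '=' itself, so the role list starts after the last '='.
            group, _, roles = entry.rpartition("=")
            mapping[group.strip().strip('"')] = [r.strip() for r in roles.split(",") if r.strip()]
    return mapping

def audit(settings):
    """Return findings (labels are this example's own) for the LDAP settings."""
    findings = []
    host = settings.get("dbms.security.ldap.host", "")
    starttls = settings.get("dbms.security.ldap.use_starttls", "false").lower() == "true"
    if settings.get("dbms.security.auth_provider") == "ldap":
        if not host.startswith("ldaps://") and not starttls:
            findings.append("cleartext-bind")  # password crosses the network unencrypted
    for group, roles in parse_role_mapping(settings.get(MAPPING_KEY, "")).items():
        if "admin" in roles:
            findings.append("admin:" + group)  # membership of this AD group grants admin
    return findings

if __name__ == "__main__":
    print(audit(parse_conf(SAMPLE_CONF)))
```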

Michael Hunger

Feb 7, 2017, 4:47:23 AM
to ne...@googlegroups.com
Sean, LDAP only works with Neo4j enterprise.

You can sign up for it either as a trial or for personal use or our startup program.

Cheers, Michael
