empoyeeID value not given
Douglas E Engert
deengert at gmail.com
Wed Nov 26 21:47:23 EST 2014
On 11/26/2014 6:04 PM, Daniel Pryor wrote:
> We are using port 3268 and the ldaploginmodule. We have not tried another user, because the same user was able to query it via ldapsearch and ldifde. Do you suggest we still try using another more
> privileged user?
port 3286 accesses the Global Catalog. The GC does not have all the attributes, employeeID is not it the GC. See:
http://msdn.microsoft.com/en-us/library/ms675094(v=vs.85).aspx
There are ways to add it to the GC.
>
> Thanks
>
> Dan
>
> *From:*users-bounces at shibboleth.net <mailto:users-bounces at shibboleth.net> [mailto:users-bounces at shibboleth.net <mailto:users-bounces at shibboleth.net>] *On Behalf Of *David Bantz
> *Sent:* Wednesday, November 26, 2014 4:59 PM
> *To:* Shib Users
> *Subject:* Re: empoyeeID value not given
>
> On Nov 26, 2014, at 14:51, Daniel Pryor <dpryor at parchment.com <mailto:dpryor at parchment.com>> wrote:
>
> I set up a shibboleth to query against active directory for the basics (employeeID, given name, sn, etc). It picks up all fields except employeeID.
>
> Using the general services catalog port 3268? If so, is employeeID released?
>
>
>
> When the logs are in DEBUG mode it says discarding because no value was given.
>
>
>
> We have validated via ldifde and ldapsearch that the attribute is set.
>
> Validated using your ShibbolethIdP service account? Or another account that might have more privileges.
>
>
>
> Thoughts?
>
> Thanks
>
> Dan
>
> --
> To unsubscribe from this list send an email tousers-unsubscribe at shibboleth.net <mailto:users-unsubscribe at shibboleth.net>
>
>
>
--
Douglas E. Engert <DEEngert at gmail.com>
More information about the users
mailing list