LDAP search by group filter

To be able to minimize search only to one group in AD. User from name Filter need to be modified as follow : (&(memberof=CN=TestGroup, DC=domainb,DC=com)(UserPrincipalName=%u)(objectclass=user)) All the rest of attributes can be left unchanged.¬† Group attributes do not need to be changed.  

Continue reading

Multiple Users Forest SSO

In our lab we created 3 new forests with 3 domains, with 3 DNS servers to simulate complex  environment. Forest DomainA.com DomainA.com Domain Controller: DCNL01.domainA.com WorkStation: DSKNL01 Test user : userA pass:Pumpkin1 sso binding user: ssoA pass: Pumpkin1App LDAP principal :  WLSAdminA@domaina.com pass:Pumpkin1 Forest DomainB.com DomainB.com DC: DCNL02.domainB.com WorkStation: DSKNL02

Continue reading