[vpn-help] LDAP Display Will Authenticate Users but Not the Userid

Matthew Grooms mgrooms at shrew.net
Tue Mar 1 17:58:52 CST 2011


On 2/8/2011 2:58 PM, Matt Lenco wrote:
> By the way, I was just on the phone with the Juniper TAC for 2 hours. We
> got LDAP to work with the SSG-20 but you have to enter the display name
> and not the userid into the Shrew VPN client?
>
> John H. Doe instead of doej.
>

The client simply provides the username to the gateway. The gateway is 
responsible for matching the login to a valid LDAP attribute. It sounds 
to me like your SSG is mapping the username to the wrong ldap attribute.

-Matthew



More information about the vpn-help mailing list