J
JG Inds
I have a 3rd party VPN device that does 1) LDAP queries for user
authentication (username/password) and 2) query what AD groups a user
is in to determine what level of access the VPN server grant through
the VPN.
Right now I have the VPN server using an AD account with domain admin
priviledges to do the LDAP queries and it works fine. However, I'd
like to set up a role account with the minimum AD permisions needed to
do LDAP queries. I do not want to set up un-authenticated LDAP
queries in AD.
Does anyone have any info what's the minimum AD permission level or
attributes (Guest, user, etc) needed to acheive the above. I'm
hoping that I won't need to use a Domain Admin account to make the
username/password authentication to work.
Any Help would be appreciated!
-John
authentication (username/password) and 2) query what AD groups a user
is in to determine what level of access the VPN server grant through
the VPN.
Right now I have the VPN server using an AD account with domain admin
priviledges to do the LDAP queries and it works fine. However, I'd
like to set up a role account with the minimum AD permisions needed to
do LDAP queries. I do not want to set up un-authenticated LDAP
queries in AD.
Does anyone have any info what's the minimum AD permission level or
attributes (Guest, user, etc) needed to acheive the above. I'm
hoping that I won't need to use a Domain Admin account to make the
username/password authentication to work.
Any Help would be appreciated!
-John