Is it possible to have a group of admins and do the ad or radius authentification for management?
I cant find nothing about this on the forums or the knowledgebase.
I've just found information about regular users but nothing for management.
Basically just a group of admins will be using their ad logins.
Could you point me into the right direction?
Yes, "ZD Admins" is a group in AD that contains users who should have full admin access to the ZD. Sorry about using the term LDAP. We used to be a Novell shop and I am used to using the term LDAP interchangeably with AD but we are using AD in this case. There was no trust nessisary I just filled in the nessisary info and it works.
very very thank you!
i test it and pass AD setting. i can use ad account logon.
but LDAP still cannot work, does ZD support LDAP user to logon? if yes, i think u have example too, could you share it?
(what's the UID in AD? samaccountname? CN ?)
Your settings look good except maybe for the "Key Attribute". If you are using Active Directory it should be sAMAccountName which is what Windows would use to log people in to computers. You can use cn, that is the value that is shown in Users and Computers which may not be the same as their login.
I should mention that if you require SSL authentication via LDAP this may not work. Our AD servers do not require SSL for authentication but our OpenLDAP server does and I could not get it working with OpenLDAP even even by changing the port to 636.