Forum LAMS for Tech-Heads - General Forum: Active Directory Auth

Back to LAMS for Tech-Heads - General Forum
You may request notification for Active Directory Auth.	Search:

	1: Active Directory Auth By: Dan Coffey		12/06/11 03:36 PM	[ Reply \| Forward ]
I am having troubles getting the LDAP to work with my domain controllers. The lams.log always says I have given it a bad password. I am using the follwing: base = dc=corp,dc=pcf,dc=com search filter = (&(objectCategory=Person)(sAMAccountName={0})) I am using a distinguished user and pass that I have verified it works. Thanks in advance. 2011-12-06 12:52:16,292 [http-0.0.0.0-8080-17:] DEBUG org.lamsfoundation.lams.security.UniversalLoginModule - Bad password for username=dcoffey 2011-12-06 12:52:16,293 [http-0.0.0.0-8080-17:] INFO org.lamsfoundation.lams.security.UniversalLoginModule - abort 2011-12-06 12:52:16,294 [http-0.0.0.0-8080-17:] DEBUG org.lamsfoundation.lams.security.JspRedirectStrategy - ===>LOGIN PAGE: there is no auth obj in session or accessing login page before login succeed, auth obj created. session id: B1A2FA1184FD3D94CCE63468FBBBD18B 2011-12-06 12:52:16,294 [http-0.0.0.0-8080-17:] DEBUG org.lamsfoundation.lams.security.JspRedirectStrategy - Set locale information for login page:en_US 2011-12-06 12:52:16,295 [http-0.0.0.0-8080-13:] DEBUG org.lamsfoundation.lams.web.session.SessionManager - ==>Couldn't find the sso cookie 2011-12-06 12:52:16,296 [http-0.0.0.0-8080-13:] DEBUG org.lamsfoundation.lams.web.session.SessionManager - ==>Created one - ff8080813414d1e201341525f5280038 Posted by Dan Coffey

	2: Re: Active Directory Auth By: Dan Coffey	In response to 1	12/06/11 04:32 PM	[ Reply \| Forward ]
A little more info. I am using LAMS 2.3.5 Once I update the filter to show (\|(cn={0})(uid={0})) the sync function worked bringing more than a thousand users into the system. Unfortunately, none of the users are able to log in... Posted by Dan Coffey

	3: Re: Active Directory Auth By: Dan Coffey	In response to 1	12/06/11 05:25 PM	[ Reply \| Forward ]
One more item I noticed from the log. 2011-12-06 15:23:24,367 [http-0.0.0.0-8080-8:] ERROR org.lamsfoundation.lams.security.LDAPAuthenticator - ===> LDAP exception: javax.naming.PartialResultException: Unprocessed Continuation Reference(s); remaining name 'DC=corp,DC=pcf,DC=com' thanks for any help you can give. I admit I am getting flustered... Posted by Dan Coffey

	4: Re: Active Directory Auth By: Dan Coffey	In response to 1	12/07/11 09:55 AM	[ Reply \| Forward ]
It turns out that I had more than one configuration that would work and that the username is case aware. Once we figured this out, it works. Now I ask, Does the ldap username have to be case sensative? If there an option or flag to change this? Posted by Dan Coffey

	5: Re: Re: Active Directory Auth By: Ernie Ghiglione	In response to 4	12/12/11 07:39 AM	[ Reply \| Forward ]
Hi Dan, Have you been able to figure this out? At the moment, I don't have an LDAP server to run some tests. Thanks, Ernie Posted by Ernie Ghiglione

Reply to first post on this page

Back to LAMS for Tech-Heads - General Forum