« Return to Thread: Daisy 2.3 upgrade LDAP issue
Re: Daisy 2.3 upgrade LDAP issue
by Bauer Matthias (IFD AIM MC ATM NVTD)
::
Rate this Message:
Hi *,
Mario Brackeva wrote:
> Yep, now the repository server starts. However, I can only log in with
> local Daisy users. If I try a LDAP user it gives me the general
> "Authentication failed for login ..." error.
I've always had that problem with our LDAP server (Win2k3 AD => LDAP)
when trying to log in with a plain username:
> <property name="java.naming.security.principal"
> value="$daisyLogin@ntdomain"/>
I noticed, I always need to give a DN here. So, I got us a special user
account with read-only permissions on LDAP and put it there. My config
looks like that:
> <scheme name="ldap-1" description="LDAP Config">
> <environment>
> <property name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
> <property name="java.naming.provider.url" value="ldap://ldap.example.com:389"/>
> <property name="java.naming.security.authentication" value="simple"/>
> <property name="java.naming.security.protocol" value="ldap"/>
> <property name="java.naming.security.principal" value="CN=user-to-search-ldap,DC=test,DC=example,DC=com"/>
> <property name="java.naming.security.credentials" value="xxxVerySecretPasswordxxx"/>
> </environment>
> <searchBase>DC=test,DC=example,DC=com</searchBase>
> <filter>cn=$daisyLogin</filter>
> <cache enabled="true" maxCacheSize="3000" maxCacheDuration="1800000"/>
> <autoCreateUser>
> <roles>
> <role>User</role>
> </roles>
> <defaultRole>User</defaultRole>
> <updateableByUser>true</updateableByUser>
> </autoCreateUser>
> </scheme>
I don't know whether that will solve your problem. But it should show
you, whether you are able to get any access to your LDAP server at all.
Regards
Matthias Bauer
--
Matthias Bauer
Infineon Technologies Dresden GmbH
eNVM Technology Development and Process Integration
Koenigsbruecker Str. 180
D-01099 Dresden
Geschäftsführer: Pantelis Haidas, Helmut Warnecke
Sitz der Gesellschaft: Dresden
Registergericht: Dresden, HRB 27169
_______________________________________________
daisy community mailing list
Professional Daisy support: http://outerthought.org/en/services/daisy/support.html
mail to: daisy@...
list information: http://lists.cocoondev.org/mailman/listinfo/daisy
Mario Brackeva wrote:
> Yep, now the repository server starts. However, I can only log in with
> local Daisy users. If I try a LDAP user it gives me the general
> "Authentication failed for login ..." error.
I've always had that problem with our LDAP server (Win2k3 AD => LDAP)
when trying to log in with a plain username:
> <property name="java.naming.security.principal"
> value="$daisyLogin@ntdomain"/>
I noticed, I always need to give a DN here. So, I got us a special user
account with read-only permissions on LDAP and put it there. My config
looks like that:
> <scheme name="ldap-1" description="LDAP Config">
> <environment>
> <property name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
> <property name="java.naming.provider.url" value="ldap://ldap.example.com:389"/>
> <property name="java.naming.security.authentication" value="simple"/>
> <property name="java.naming.security.protocol" value="ldap"/>
> <property name="java.naming.security.principal" value="CN=user-to-search-ldap,DC=test,DC=example,DC=com"/>
> <property name="java.naming.security.credentials" value="xxxVerySecretPasswordxxx"/>
> </environment>
> <searchBase>DC=test,DC=example,DC=com</searchBase>
> <filter>cn=$daisyLogin</filter>
> <cache enabled="true" maxCacheSize="3000" maxCacheDuration="1800000"/>
> <autoCreateUser>
> <roles>
> <role>User</role>
> </roles>
> <defaultRole>User</defaultRole>
> <updateableByUser>true</updateableByUser>
> </autoCreateUser>
> </scheme>
I don't know whether that will solve your problem. But it should show
you, whether you are able to get any access to your LDAP server at all.
Regards
Matthias Bauer
--
Matthias Bauer
Infineon Technologies Dresden GmbH
eNVM Technology Development and Process Integration
Koenigsbruecker Str. 180
D-01099 Dresden
Geschäftsführer: Pantelis Haidas, Helmut Warnecke
Sitz der Gesellschaft: Dresden
Registergericht: Dresden, HRB 27169
_______________________________________________
daisy community mailing list
Professional Daisy support: http://outerthought.org/en/services/daisy/support.html
mail to: daisy@...
list information: http://lists.cocoondev.org/mailman/listinfo/daisy
« Return to Thread: Daisy 2.3 upgrade LDAP issue
| Free embeddable forum powered by Nabble | Forum Help |
