[Xerte] Re: Xerte LDAP Authentication to AD Not Working

James Burns JBurns at KirkleesCollege.ac.uk
Wed Apr 11 16:28:16 BST 2012


Hi all,

Issue partially resolved. I used an LDAP LAN trace and found out what the authentication issue was.....

The initial LDAP "proxy" bind was working ok, but then I found the issue :-

The subsequent LDAP Search was looking for a match on SAMAccountName, then requesting both "sn" and "given name" attributes (for logging I guess). This returned a successful response from the correct object.

However, as I had set the base search from the Domain Root, it was continuing the search, by  requesting the same information from other areas of AD it was not appropriate or have rights to access (under AD "configuration" partition, for example). If this came up against an error at this stage, it stopped the general login.

Therefore, when I constrained the search to the specific user account containers, the login worked fully for single host/basedn.

Now I have the issue of not being able to successfully specify multiple LDAP basedn's or hosts, using $$$ as the delimiter (as seen in other thread). I have tried adding $$$ option to all ldap options with no success. Authentication only works to single host with single LDAP basedn at the moment. Has anyone any suggestions?

Regards

James




This email and any attachments are confidential and should not be used by anyone who is not the original intended recipient. If you receive this in error, please contact the sender and delete the material from your computer. You are not authorised to, and must not, read, copy, distribute, use or retain this message or any part of it. Kirklees College cannot accept liability for any statements made which are clearly the sender's own and not expressly made on behalf of Kirklees College or one of its agents.
KIRKLEES COLLEGE - YOUR SUCCESS IS OUR FOCUS
See our website! http://www.kirkleescollege.ac.uk

Please consider the environment. Don't print this e-mail unless necessary.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nottingham.ac.uk/pipermail/xerte/attachments/20120411/e0f57404/attachment.html>


More information about the Xerte mailing list