cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

LDAP configuration - An internal error has occurred in the secLdap plug-in

Go to solution
Former Member

on ‎06-24-2009 8:40 AM

0 Kudos

Hi,

I am trying to configure my BOE to a LDAP (Microsoft Active Directory Application).

After completing all the configuration steps, I get the following error:

"An internal error has occurred in the secLdap plug-in"

I chose "No SSL" and "No SSO" and used all the default values in the "Please configure how new LDAP users and aliases are created by BusinessObjects Enterprise" screen.

Can someone assist?

-Doron

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

BasicTek
Advisor
Advisor
‎06-24-2009 11:27 AM
0 Kudos

Is your server on unix/linux? Using Oracle client driver 10.2.0.3 oe 10.2.0.4?

For simply setup you will need your LDAP host and port. Use IP and port to remove possible DNS issues.

You need the proper LDAP director4y or custom attributes

Then you need the propoer Base DN and Administrator DN

If the above are provided you should be able to complete the plugin.

Regards,

Tim

Show replies
Show replies
Former Member
‎06-24-2009 2:12 PM
0 Kudos

Hi,

I managed to solve the issue, so the LDAP now is configured. BUT, still not really working....

Here are the configuration details:

LDAP Hosts: host.xxx.zzz:389

LDAP Server Type: Microsoft Active Directory Application Server

Base LDAP Distinguished Name: CN=Configuration,DC=zzz

LDAP Server Administration Distinguished Name: CN=LastName\, FirstName,CN=Users,DC=xxx,DC=zzz

LDAP Referral Distinguished Name: CN=LastName\, FirstName,CN=Users,DC=xxx,DC=zzz

Maximum Referral Hops: 0

SSL Type: Basic (no SSL)

Single Sign-On Type: None

I am not sure if I need to add a Group or not, and with what syntax.....

Anyway, when I try to login with my real user name I get the following message:

Account information not recognized: LDAP Authentication could not log you on. Please make sure your logon information is correct. If your account is under any root other than CN=Configuration,DC=zzz you must enter your dn. (FWM 00007)

When I try to login with the LDAP Server Administration Distinguished Name / LDAP Referral Distinguished Name I get the following message:

Account information not recognized: LDAP Authorization failed. Please make sure your entry belongs to a mapped LDAP group.

(This error comes also if I enter the group where my user is in using the CN=Group syntax)

P.S - The system is Win Server 2003.

Please assist

-DS

BasicTek
Advisor
Advisor
‎06-24-2009 8:59 PM
0 Kudos

ok that's called LDAP to AD,

Change your directory attributes so that user name and default user search attribute are both samaccountname

map in groups by their short name only not domain\group LDAP cannot understand some AD extensions and will be limited in it's functionality against AD.

Regards,

Tim

patrick_larsson2
Explorer
‎07-16-2009 1:41 PM
0 Kudos

Thank you for this answer it helped me to do the last configuration of our LDAP-->WinAD mapping

Regards,

Patrick Larsson

Answers (2)

Answers (2)

Former Member
‎02-03-2010 6:33 PM
0 Kudos

Hi,

I'm having the same type of problem as Doran authenticating against LDAP.

The LDAP configuration is syntactically clean, not sure whether it is correct though.

Adding LDAP groups failed miserably for all listed entries, see below in Config Parms:

Configuring without LDAP groups fails with the Login Error,

Login Error Message: Account Information Not Recognized: LDAP Authentication could not log you on.

Please make sure your logon information is correct.

If your account is under any root other than dc=lgc,dc=com you must enter your dn.

(FWM 00007)

The DN for my local account,

uid=hb37406,ou=people,o=hou,dc=lgc,dc=com

Crystal Report Server 2008 authenticated against an Sun iPlanet LDAP Server.

Build Date: 2008/09/13:08:31:32

Build Number: 882

Product Version: 12.1.0.882

Config Parms:

LDAP Host:hourdldap01.lgc.com:389,ldap.corp.halliburton.com:389

LDAP Server Type: Sun Directory Server

Base LDAP Distinguished Name: dc=lgc,dc=com

ou=people,o=hou,dc=lgc,dc=com

LDAP Referral Credentials:cn=cmldap,dc=lgc,dc=com;

Password:xxxxxxxx

Number of Hops: 1

SSL authentication:Basic

LDAP single sign-on authentication:Basic

Configure new LDAP users:

Assign each added LDAP alias to an account

Creae new aliases only when user logs on

New users are created as concurrent users

Mapped LDAP Member Groups

Add LDAP group (by cn or dn)

    • LDAP search on local account **

uid=hb37406,ou=people,o=hou,dc=lgc,dc=com

cn=dev

cn=dev,ou=group,o=hou,dc=lgc,dc=com

ou=people,o=hou,dc=lgc,dc=com

ou=people,dc=lgc,dc=com

o=hou,dc=lgc,dc=com

dc=lgc,dc=com

dc=lgc.com

lgc.com

ou=HalUsers,dc=corp,dc=halliburton,dc=com

ou=people,dc=corp,dc=halliburton,dc=com

dc=halliburton,dc=com

LDAP configuration Error: The secLdap plugin failed to get the dn for the group xxx.

Show replies
Show replies
Former Member
‎06-25-2009 7:36 AM
0 Kudos

Thanks!

Show replies
Show replies
Ask a Question