on 07-05-2012 3:38 PM
Hi,
Im trying to configure LDAP for SUP 2.1.3 but in server log i get :
2012-07-05 05:30:11.547 DEBUG Security Thread-311 [com.sybase.security.ldap.LDAPAttributer]No LDAP configuration available to this provider.
2012-07-05 05:30:11.547 DEBUG Security Thread-311 [com.sybase.security.ldap.LDAPConfig]looking for shared/authenticated configuration
I did the following configurations :
1- In Security node i chose "admin" then Authentication tab
2- Created new LDAPLoginModule
3- Checked ldaploginmodule and in General tab validate and applied
4- be able to see ldap provider log i set the security component as debug level.
Since i use sup 2.1.3 version i didn't change csi.properties and role-map.xml. What should i do more for server gets ldap configurations ?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Tahir,
I have some points to add:
1. Do you need the Authentication Filter property? It reduces the search result of the Default Search Base catalog. E.g. if you test the search of available roles in the system using Apache LDAP plugin will it return you a valid result?
2. What roles do you have? If they are different than "SUP Administrator" etc, please map them in somewhere in the Security menu (probably in the Domain item). You should see a list of returned roles in dropdown lists.
3. Check \SCC-3_2\log\agent.log and \SCC-3_2\log\gateway.log files when you try to login. They have an information if the login attempt was successfull.
Kind regards,
Vlad
Hello Gyus,
I have also the problem with SUP 2.2 that the ldap integration is not working. In the log i get just the error that I should check my username and Password, nothing else.
Has anybody configured SUP 2.2 successfully with ldap authentication?
Is there any description explicit for SUP 2.2 ?
Best Regards
Michael
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello,
Thank you for all of your answers. I actually made it work. I can see roles in the admin and mapped them to SUP Adminstrator, but the weird thing is i cannot login with my domain user.
I am using Apache Directory Studio to get my DN and filter. In the server-log files im gettin following exception ;
com.sybase.security.ldap.LDAPAuthenticationFailureWarning: Record matching LDAP filter (objectClass=person) in the search base OU=mygroup ,DC=sybase DC=local was not found. Verify that the user exists and the bind user has permissions to read the user properties.at com.sybase.security.ldap.LDAPQueryHelper.lookupUserDN(LDAPQueryHelper.java:171)
In ldap connection properties I set the Authenctication filter as (objectClass=person). I got this filter from apache directory studio it works here but doesnt work in SUP.
Any clues about this ?
Kind Regards
Tahir ÖZ
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Tahir,
If you are using active directory your authentication filter should be:
(&(sAMAccountName={uid})(objectclass=user))
More info here:
Regards,
Ayax
Hello Ayax,
I set Authentication filter as (&(sAMAccountName={uid})(objectclass=user)) and
role filter as (objectClass=person) and im getting domain users succesfully but also getting warnings as follow
com.sybase.security.ldap.LDAPAuthenticationFailureWarning: Record matching LDAP filter (&(userPrincipalName={0})(objectclass=user)) in the search base OU=İSTANBUL,OU=<SUP>,DC=<SUP>,DC=local was not found. Verify that the user exists and the bind user has permissions to read the user properties.
Im mapping a domain user to SupAdministrator role but not able to login with the user.
Thanks ın advance
Kind Regards
Tahir
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
95 | |
11 | |
11 | |
10 | |
9 | |
8 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.