
Configuring LDAP in SUP 2.1 ebf #3

tahir_z
Contributor
0 Kudos

Hi,

I'm trying to configure LDAP for SUP 2.1.3, but in the server log I get:

2012-07-05 05:30:11.547 DEBUG Security Thread-311 [com.sybase.security.ldap.LDAPAttributer]No LDAP configuration available to this provider.

2012-07-05 05:30:11.547 DEBUG Security Thread-311 [com.sybase.security.ldap.LDAPConfig]looking for shared/authenticated configuration

I did the following configuration:

1- In the Security node I chose "admin", then the Authentication tab

2- Created a new LDAPLoginModule

3- Checked the LDAPLoginModule and, in the General tab, validated and applied

4- To be able to see the LDAP provider log, I set the security component to debug level.

Since I use SUP version 2.1.3, I didn't change csi.properties and role-map.xml. What more should I do so that the server gets the LDAP configuration?

Accepted Solutions (1)


Vlad
Advisor
0 Kudos

Hello Tahir,

I just configured "admin" security settings in the following manner:

I tested this configuration with SUP 2.1.3

Kind regards,

Vlad

tahir_z
Contributor
0 Kudos

Hello Vladislav,

Thank you for your answer. As I see, you have configured SUP LDAP, but I need to configure Active Directory, which my company uses. The configuration I did is as follows:

This way doesn't work for me. I need to know if there is more that I should do?

Thanks in Advance

Tahir

Vlad
Advisor
0 Kudos

Hello Tahir,

I have some points to add:

1. Do you need the Authentication Filter property? It reduces the search result of the Default Search Base catalog. E.g. if you test the search of available roles in the system using the Apache LDAP plugin, will it return a valid result?

2. What roles do you have? If they are different from "SUP Administrator" etc., please map them somewhere in the Security menu (probably in the Domain item). You should see a list of returned roles in dropdown lists.

3. Check the \SCC-3_2\log\agent.log and \SCC-3_2\log\gateway.log files when you try to log in. They have information on whether the login attempt was successful.

Kind regards,

Vlad

Answers (3)


Former Member
0 Kudos

Hello Guys,

I also have the problem with SUP 2.2 that the LDAP integration is not working. In the log I get just the error that I should check my username and password, nothing else.

Has anybody configured SUP 2.2 successfully with LDAP authentication?

Is there any description explicitly for SUP 2.2?

Best Regards

Michael

tahir_z
Contributor
0 Kudos

Hello,

Thank you for all of your answers. I actually made it work. I can see roles in the admin and mapped them to SUP Administrator, but the weird thing is I cannot log in with my domain user.

I am using Apache Directory Studio to get my DN and filter. In the server log files I'm getting the following exception:

com.sybase.security.ldap.LDAPAuthenticationFailureWarning: Record matching LDAP filter (objectClass=person) in the search base OU=mygroup ,DC=sybase DC=local was not found. Verify that the user exists and the bind user has permissions to read the user properties.
    at com.sybase.security.ldap.LDAPQueryHelper.lookupUserDN(LDAPQueryHelper.java:171)

In the LDAP connection properties I set the Authentication filter as (objectClass=person). I got this filter from Apache Directory Studio; it works there but doesn't work in SUP.

Any clues about this?

Kind Regards

Tahir ÖZ

Ayax
Participant
0 Kudos

Hello Tahir,

If you are using active directory your authentication filter should be:

(&(sAMAccountName={uid})(objectclass=user))

More info here:

http://infocenter.sybase.com/help/topic/com.sybase.infocenter.dc01092.0213/doc/html/aba1251310153582...

Regards,

Ayax
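The difference between the two authentication filters discussed in this thread, as an added example that is not part of any post and is not SUP code. It assumes `{uid}` is replaced by the login name with RFC 4515 escaping (how SUP substitutes it internally is not shown on this page), uses constructed directory entries, and its small evaluator supports only `&`, `|`, `!`, equality and presence tests.

```python
import re

# Constructed sample entries (not from the thread): (DN, attributes).
ENTRIES = [
    ("CN=Jane Doe,OU=Staff,DC=example,DC=local",
     {"objectclass": ["person", "user"], "samaccountname": ["jdoe"]}),
    ("CN=Sam Roe,OU=Staff,DC=example,DC=local",
     {"objectclass": ["person", "user"], "samaccountname": ["sroe"]}),
]
AD_FILTER = "(&(sAMAccountName={uid})(objectclass=user))"  # filter from the answer above

def escape_filter_value(value):
    """RFC 4515 escaping: the login name cannot alter the filter structure."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)

def parse(f, i=0):
    """Parse one filter starting at f[i]; return (node, index after it)."""
    if f[i] != "(":
        raise ValueError("expected '(' at offset %d" % i)
    i += 1
    if f[i] in "&|!":
        op, kids = f[i], []
        i += 1
        while f[i] == "(":
            kid, i = parse(f, i)
            kids.append(kid)
        if f[i] != ")":
            raise ValueError("expected ')' at offset %d" % i)
        return (op, kids), i + 1
    end = f.index(")", i)
    attr, _, raw = f[i:end].partition("=")
    return ("=", attr.lower(), raw), end + 1

def matches(node, attrs):
    """Evaluate a parsed filter against one entry's attributes."""
    if node[0] in "&|":
        results = [matches(k, attrs) for k in node[1]]
        return all(results) if node[0] == "&" else any(results)
    if node[0] == "!":
        return not matches(node[1][0], attrs)
    values = attrs.get(node[1], [])
    if node[2] == "*":  # presence test, e.g. (mail=*)
        return bool(values)
    want = re.sub(r"\\([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), node[2])
    return any(v.lower() == want.lower() for v in values)

def search(template, uid):
    """Expand {uid} in the template and return the DNs it selects."""
    flt = template.replace("{uid}", escape_filter_value(uid))
    tree, end = parse(flt)
    if end != len(flt):
        raise ValueError("trailing data after filter")
    return [dn for dn, attrs in ENTRIES if matches(tree, attrs)]
```

A filter without the `{uid}` placeholder selects every person entry regardless of who is logging in, while the templated filter selects at most the one account whose sAMAccountName equals the login name.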

tahir_z
Contributor
0 Kudos

Hello Ayax,

I set the Authentication filter as (&(sAMAccountName={uid})(objectclass=user)) and the role filter as (objectClass=person), and I'm getting domain users successfully, but I'm also getting warnings as follows:

com.sybase.security.ldap.LDAPAuthenticationFailureWarning: Record matching LDAP filter (&(userPrincipalName={0})(objectclass=user)) in the search base OU=İSTANBUL,OU=<SUP>,DC=<SUP>,DC=local was not found. Verify that the user exists and the bind user has permissions to read the user properties.

I'm mapping a domain user to the SupAdministrator role but am not able to log in with the user.

Thanks in advance

Kind Regards

Tahir

Ayax
Participant
0 Kudos

Hello Tahir,

Do you get anything in your ldap browser with this search?

(&(sAMAccountName=your_ldap_user)(objectclass=user))

Regards,

tahir_z
Contributor
0 Kudos

Hello Ayax,

I tried that query in the LDAP browser, but it didn't work either. Well, I'll keep on trying; if I make it work I will post here.

Thank you

Regards

Tahir

Former Member
0 Kudos

Hi Tahir,

Does it work now? I am trying to configure it too to work with MS AD.

Former Member
0 Kudos

Hi All,

Was somebody able to fix this issue? I am currently configuring the same with MSAD-SUP-iOS.

I have one more issue that our client uses Active Directory with Certificate based Access and I am yet to find any How-To guide on that part.

Appreciate if somebody can share relevant How-To guide.

Ayax
Participant
0 Kudos

Hello Tahir,

First make sure to map the SUP roles to your LDAP groups in the admin domain.

Regards,

Ayax