Connection to LDAP server

Hello there,
currently we are evaluating Adobe LiveCycle Policy Server. When trying to connect from Acrobat Pro, an internal user cannot log in (an external user can log in). Therefore we suspect difficulties with the connection to the LDAP server: we configured the necessary settings in login-config.xml and added JAAS authentication "UsernamePwd_Auth_Search".
Is it necessary to also specify an LDAP server in the Adobe Config web interface? If so, what data do I put there?
In this dialog, the search filter has no possibility to enter prefix and suffix, like in login-config.xml.
Thanks for any help,
Rainer

Rainer,
You definitely need to specify an LDAP server. It will use the LDAP connection to create the
users and groups in Policy Server. If you haven't done this, then you essentially don't have any
internal users. The settings will depend upon the LDAP system that you are connecting to. I would
recommend consulting your LDAP administrator to determine the appropriate values to set in the
dialog (within the web interface).
Justin Klei
Cardinal Solutions Group
www.cardinalsolutions.com

Similar Messages

  • Unable to connect  remote LDAP server 2005Q1

    To connect a remote LDAP server with a local mail server in iMS5.2 was successful and very easy.
    But with Sun Java Messaging 2005Q1, I failed so many times when I configured the mail server.
    Only when the two things (LDAP and messaging) are on the same machine was it successful.
    It's very weird.
    In the Install Guide, a remote LDAP system has no problem connecting with a local mail server.
    Here is LDAP server version.
    # ./monitor
    version: 1
    dn: cn=monitor
    objectClass: top
    objectClass: extensibleObject
    cn: monitor
    connectionpeak: 9
    version: Sun Java(TM) System Directory Server/5.2_Patch_3 B2004.331.1125
    Messaging server version is Sun Java Messaging 2005Q1.
    ================ Install Log ================
    The following items for the product Messaging Server will be configured:
    Product: Messaging Server
    Location: /data/MailData
    Space Required: 0 bytes
    Message Transfer Agent
    Message Store
    Messenger Express
    Ready to Configure
    1. Configure Now
    2. Start Over
    3. Exit Configure Program
    What would you like to do [1] {"<" goes back, "!" exits}?
    Starting Task Sequence
    ===== Thu Apr 21 18:50:38 KST 2005 =====
    Running /usr/sbin/groupadd mail
    ===== Thu Apr 21 18:50:38 KST 2005 =====
    Running /usr/sbin/useradd -g mail -d / mailsrv
    ===== Thu Apr 21 18:50:38 KST 2005 =====
    Running /usr/sbin/usermod -G mail mailsrv
    ===== Thu Apr 21 18:50:38 KST 2005 =====
    Running /bin/rm -rf /opt/java05Q1/Mail/config /opt/java05Q1/Mail/data
    ===== Thu Apr 21 18:50:38 KST 2005 =====
    Running /bin/chmod 600 /opt/java05Q1/Mail/lib/config-templates/Devsetup.
    properties
    ===== Thu Apr 21 18:50:38 KST 2005 =====
    Running /opt/java05Q1/Mail/lib/devinstall -l schema1:sepadmsvr:pkgcfg:config:
    msg:msg_en:imta:msma:webmail:imta -v -m -i /opt/java05Q1/Mail/lib/config-
    templates/config.ins /opt/java05Q1/Mail/lib/config-templates
    /opt/java05Q1/Mail/lib/jars /opt/java05Q1/Mail/lib
    ===== Thu Apr 21 18:50:45 KST 2005 =====
    Running /bin/sh -c /opt/java05Q1/Mail/sbin/imsimta clbuild -
    image_file=IMTA_COMMAND_DATA IMTA_BIN:pmdf.cld
    ===== Thu Apr 21 18:50:46 KST 2005 =====
    Running /bin/sh -c /opt/java05Q1/Mail/sbin/imsimta chbuild
    ===== Thu Apr 21 18:50:46 KST 2005 =====
    Running /opt/java05Q1/Mail/lib/ldapmodify -h love.daou.co.kr -p 389 -D
    cn=Directory Manager -j /opt/java05Q1/Mail/lib/config-templates/cfgdir23381 -c -
    e /opt/java05Q1/Mail/config/cfgdir.ldif.rej -f /opt/java05Q1/Mail/config/cfgdir.
    ldif
    ===== Thu Apr 21 18:50:46 KST 2005 =====
    Running /opt/java05Q1/Mail/lib/ldapmodify -h love.daou.co.kr -p 389 -D
    cn=Directory Manager -j /opt/java05Q1/Mail/lib/config-templates/ugdir23382 -c -
    e /opt/java05Q1/Mail/config/usergroup.ldif.rej -f
    /opt/java05Q1/Mail/config/usergroup.ldif
    ===== Thu Apr 21 18:50:46 KST 2005 =====
    Running /opt/java05Q1/Mail/lib/ldapmodify -h love.daou.co.kr -p 389 -D
    cn=Directory Manager -j /opt/java05Q1/Mail/lib/config-templates/ugdir23382 -c -
    e /opt/java05Q1/Mail/config/dctree.ldif.rej -f /opt/java05Q1/Mail/config/dctree.
    ldif
    ===== Thu Apr 21 18:50:46 KST 2005 =====
    Running /opt/java05Q1/Mail/lib/ldapmodify -h love.daou.co.kr -p 389 -D
    cn=Directory Manager -j /opt/java05Q1/Mail/lib/config-templates/ugdir23382 -c -
    e /opt/java05Q1/Mail/config/mid_dctree.ldif.rej -f
    /opt/java05Q1/Mail/config/mid_dctree.ldif
    ===== Thu Apr 21 18:50:47 KST 2005 =====
    Running /opt/java05Q1/Mail/lib/ldapmodify -h love.daou.co.kr -p 389 -D
    cn=Directory Manager -j /opt/java05Q1/Mail/lib/config-templates/ugdir23382 -c -
    e /opt/java05Q1/Mail/config/last_dctree.ldif.rej -f
    /opt/java05Q1/Mail/config/last_dctree.ldif
    ===== Thu Apr 21 18:50:47 KST 2005 =====
    Running /opt/java05Q1/Mail/lib/ldapmodify -h love.daou.co.kr -p 389 -D
    cn=Directory Manager -j /opt/java05Q1/Mail/lib/config-templates/ugdir23382 -c -
    e /opt/java05Q1/Mail/config/pab.ldif.rej -f /opt/java05Q1/Mail/config/pab.ldif
    ===== Thu Apr 21 18:50:47 KST 2005 =====
    Running /bin/sh -c /opt/java05Q1/Mail/sbin/imsimta cnbuild
    ===== Thu Apr 21 18:50:47 KST 2005 =====
    Running /bin/sh -c /bin/cp /opt/java05Q1/Mail/lib/config-
    templates/madman_solaris.reg /etc/snmp/conf/ims.reg
    ===== Thu Apr 21 18:50:47 KST 2005 =====
    Running /bin/sh -c /bin/cp /opt/java05Q1/Mail/lib/config-
    templates/madman_solaris.acl /etc/snmp/conf/ims.acl
    ===== Thu Apr 21 18:50:47 KST 2005 =====
    Running /bin/sh -c /usr/bin/crle
    ===== Thu Apr 21 18:50:47 KST 2005 =====
    Running /bin/sh -c /usr/bin/crle -s /usr/lib/secure -s /opt/java05Q1/Mail/lib
    ===== Thu Apr 21 18:50:48 KST 2005 =====
    Running /bin/sh -c /usr/bin/crle
    ===== Thu Apr 21 18:50:48 KST 2005 =====
    Running /bin/sh -c /bin/cp -rpf /opt/java05Q1/Mail/lib/config-templates/html
    /opt/java05Q1/Mail/config/
    ===== Thu Apr 21 18:50:57 KST 2005 =====
    Running /bin/chown -Rh mailsrv /opt/java05Q1/Mail/config/html
    ===== Thu Apr 21 18:50:57 KST 2005 =====
    Running /bin/chgrp -Rh mail /opt/java05Q1/Mail/config/html
    ===== Thu Apr 21 18:50:57 KST 2005 =====
    Running /bin/sh -c /bin/cp -rpf /opt/java05Q1/Mail/config
    /opt/java05Q1/Mail/install/configure_20050421184758
    ===== Thu Apr 21 18:51:08 KST 2005 =====
    Running /bin/sh -c /bin/cp -p /opt/java05Q1/Mail/lib/config-templates/Devsetup.
    properties /opt/java05Q1/Mail/install/configure_20050421184758/Devsetup.
    properties
    Sequence Completed
    PASSED: /usr/sbin/groupadd mail : status = 9
    PASSED: /usr/sbin/useradd -g mail -d / mailsrv : status = 0
    PASSED: /usr/sbin/usermod -G mail mailsrv : status = 3
    PASSED: /bin/rm -rf /opt/java05Q1/Mail/config /opt/java05Q1/Mail/data : status
    = 0
    PASSED: /bin/chmod 600 /opt/java05Q1/Mail/lib/config-templates/Devsetup.
    properties : status = 0
    FAILED: /opt/java05Q1/Mail/lib/devinstall -l schema1:sepadmsvr:pkgcfg:config:
    msg:msg_en:imta:msma:webmail:imta -v -m -i /opt/java05Q1/Mail/lib/config-
    templates/config.ins /opt/java05Q1/Mail/lib/config-templates
    /opt/java05Q1/Mail/lib/jars /opt/java05Q1/Mail/lib : status = 1
    PASSED: /bin/sh -c /opt/java05Q1/Mail/sbin/imsimta clbuild -
    image_file=IMTA_COMMAND_DATA IMTA_BIN:pmdf.cld : status = 0
    PASSED: /bin/sh -c /opt/java05Q1/Mail/sbin/imsimta chbuild : status = 0
    FAILED: /opt/java05Q1/Mail/lib/ldapmodify -h love.daou.co.kr -p 389 -D
    cn=Directory Manager -j /opt/java05Q1/Mail/lib/config-templates/cfgdir23381 -c -
    e /opt/java05Q1/Mail/config/cfgdir.ldif.rej -f /opt/java05Q1/Mail/config/cfgdir.
    ldif : status = 89
    FAILED: /opt/java05Q1/Mail/lib/ldapmodify -h love.daou.co.kr -p 389 -D
    cn=Directory Manager -j /opt/java05Q1/Mail/lib/config-templates/ugdir23382 -c -
    e /opt/java05Q1/Mail/config/usergroup.ldif.rej -f
    /opt/java05Q1/Mail/config/usergroup.ldif : status = 89
    FAILED: /opt/java05Q1/Mail/lib/ldapmodify -h love.daou.co.kr -p 389 -D
    cn=Directory Manager -j /opt/java05Q1/Mail/lib/config-templates/ugdir23382 -c -
    e /opt/java05Q1/Mail/config/dctree.ldif.rej -f /opt/java05Q1/Mail/config/dctree.
    ldif : status = 89
    FAILED: /opt/java05Q1/Mail/lib/ldapmodify -h love.daou.co.kr -p 389 -D
    cn=Directory Manager -j /opt/java05Q1/Mail/lib/config-templates/ugdir23382 -c -
    e /opt/java05Q1/Mail/config/mid_dctree.ldif.rej -f
    /opt/java05Q1/Mail/config/mid_dctree.ldif : status = 89
    FAILED: /opt/java05Q1/Mail/lib/ldapmodify -h love.daou.co.kr -p 389 -D
    cn=Directory Manager -j /opt/java05Q1/Mail/lib/config-templates/ugdir23382 -c -
    e /opt/java05Q1/Mail/config/last_dctree.ldif.rej -f
    /opt/java05Q1/Mail/config/last_dctree.ldif : status = 89
    FAILED: /opt/java05Q1/Mail/lib/ldapmodify -h love.daou.co.kr -p 389 -D
    cn=Directory Manager -j /opt/java05Q1/Mail/lib/config-templates/ugdir23382 -c -
    e /opt/java05Q1/Mail/config/pab.ldif.rej -f /opt/java05Q1/Mail/config/pab.ldif
    : status = 89
    PASSED: /bin/sh -c /opt/java05Q1/Mail/sbin/imsimta cnbuild : status = 0
    PASSED: /bin/sh -c /bin/cp /opt/java05Q1/Mail/lib/config-
    templates/madman_solaris.reg /etc/snmp/conf/ims.reg : status = 0
    PASSED: /bin/sh -c /bin/cp /opt/java05Q1/Mail/lib/config-
    templates/madman_solaris.acl /etc/snmp/conf/ims.acl : status = 0
    PASSED: /bin/sh -c /usr/bin/crle : status = 0
    PASSED: /bin/sh -c /usr/bin/crle -s /usr/lib/secure -s /opt/java05Q1/Mail/lib :
    status = 0
    PASSED: /bin/sh -c /usr/bin/crle : status = 0
    PASSED: /bin/sh -c /bin/cp -rpf /opt/java05Q1/Mail/lib/config-templates/html
    /opt/java05Q1/Mail/config/ : status = 0
    FAILED: /bin/chown -Rh mailsrv /opt/java05Q1/Mail/config/html : status = 1
    FAILED: /bin/chgrp -Rh mail /opt/java05Q1/Mail/config/html : status = 1
    PASSED: /bin/sh -c /bin/cp -rpf /opt/java05Q1/Mail/config
    /opt/java05Q1/Mail/install/configure_20050421184758 : status = 0
    PASSED: /bin/sh -c /bin/cp -p /opt/java05Q1/Mail/lib/config-templates/Devsetup.
    properties /opt/java05Q1/Mail/install/configure_20050421184758/Devsetup.
    properties : status = 0
    FAILURE: Number of task failed:9. Please check install log
    /opt/java05Q1/Mail/install/configure_20050421184758.log
    for further details.
    Hit NEXT to continue
    Configuration Details:
    Product Result More Information
    1. Messaging Server Failed Available
    2. Done
    Enter the number corresponding to the desired selection for more
    information, or enter 2 to continue [2] {"!" exits}:
    ================
    Any Good ADVICE would be welcomed.

    I already did what you advised - installing admin server on each machine. I tested through connecting admin console, modifying ldap, mail config and adding users.
    As for running the 'comm_dssetup.pl' script, if I hadn't I could not even set up and configure the mail server.
    In a month, there is a chance to set up both mail and ldap servers on different machines.
    I am a little bit worried. What did I do wrong?
    welcomed... any words of advice..

  • How to resolve "Connection to LDAP server failed." error?

    Hello,
    I have installed Coldfusion8 on one of my servers that was having ColdFusionMX earlier.
    The ColdFusionMX admin settings are automatically transferred to the new Coldfusion8 admin page after installation.
    Also I have configured all my websites at the time of installation.
    After all that, when I am trying to log in to one of my websites, the system is throwing the below error.
    "Connection to LDAP server failed."
    Previously it was working well with ColdFusionMX. After installing Coldfusion8 I am facing this problem.
    Is there anything more to do with the CF admin settings page or is this problem with the code? (In fact I haven't modified my cfm code.)
    Please find the piece of code that I am using.
    <cfldap action="QUERY" server="#application.LDAPServer#" port="#application.LDAPPort#" start="#application.LDAPBase#" name="search" attributes="alias, dn, uid, technicalCareerLevel, locationorgunit, givenName, sn" filter="#filter#" scope="SUBTREE" maxRows="2">
    Anybody can assist me on this?
    Thanks in advance.
    Manoz.

    I have fixed this problem successfully.
    The problem was with the referral attribute of the cfldap tag.
    After adding this (referral="yes") attribute to my code I am able to login into my website.
    <cfldap action="QUERY" server="#application.LDAPServer#" port="#application.LDAPPort#" start="#application.LDAPBase#" name="search" attributes="alias, dn, uid, technicalCareerLevel, locationorgunit, givenName, sn" filter="#filter#" scope="SUBTREE" maxRows="2" referral="yes">
    Any way thanks for your assistance!!!!!

  • Module: AppleODClientLDAP - unable to open connection to LDAP server - unable to create connection context

    Hi everybody,
    I'm running into an urgent problem, because binding to my OpenDirectory got lost. I've lots of "Module: AppleODClientLDAP - unable to open connection to LDAP server - unable to create connection context" messages in the system.log and the OD service stopped running. In the OD section no server is listed any longer and all buttons are greyed. All network users for sure are not available, but all other services are up. I didn't change anything in the existing services but started with the netinstall config. I got the following entries in the system log:
    Jun 19 00:35:30 macminiserver.homenet bootpd[95005]: server name macminiserver.homenet
    Jun 19 00:35:30 macminiserver.homenet bootpd[95005]: interface en0: ip 192.168.0.11 mask 255.255.255.0
    Jun 19 00:35:30 macminiserver.homenet bootpd[95005]: subnets: Failed to convert 'domain_search': Empty array
    Jun 19 00:35:30 macminiserver.homenet bootpd[95005]: bsdpd: re-reading configuration
    Jun 19 00:35:30 macminiserver.homenet bootpd[95005]: bsdpd: shadow file size will be set to 48 megabytes
    Jun 19 00:35:30 macminiserver.homenet bootpd[95005]: bsdpd: age time 00:15:00
    Jun 19 00:35:30 macminiserver.homenet bootpd[95005]: bsdpd: no NetBoot images found
    Jun 19 00:35:30 macminiserver.homenet bootpd[95005]: bootpd: NetBoot service turned off
    Jun 19 00:35:30 macminiserver.homenet bootpd[95005]: DHCP REQUEST [en0]: 1,0:1b:77:36:47:f6 <NB01>
    Jun 19 00:35:30 macminiserver.homenet bootpd[95005]: ACK sent NB01 192.168.0.107 pktsize 304
    Since these log entries appeared, no network users and groups are available anymore. I'm running OS X ML 10.8.3 and DNS is fine.
    Are there any steps to perform to get LDAP working again? With all buttons in the server admin OD section greyed out I even can't setup a new directory.
    BR
    Jens

    I was able to restore the existing server with the automatic OD backup that Server.app creates. When my OD fails to start after a crash and db_recover commands don't work, it's always worked for me to restore the odmaster from a backup using the command:
    sudo slapconfig -restoredb /private/var/backups/ServerBackup_OpenDirectoryMaster.sparseimage
    I'm careful to keep an independent OD backup with Carbon Copy Cloner and this preflight script.
    You can also grab an earlier version of the sparse image ServerBackup_OpenDirectoryMaster.sparseimage from a Time Machine backup. It's also possible to rsync the database files directory from a Time Machine backup.

  • Connection to LDAP Server failed

    OK, I have an application that has been working for years.
    Yesterday it stopped working and my error trapping started sending
    me messages with the cfcatch.message of " Connection to LDAP Server
    failed" The code hasn't been touched in over three years. Any ideas
    what is going on? I have attached the code but changed some
    information for security reasons.

    CF_contractor wrote:
    > OK, I have an application that has been working for years. Yesterday it
    > stopped working and my error trapping started sending me messages with the
    > cfcatch.message of " Connection to LDAP Server failed" The code hasn't been
    > touched in over three years. Any ideas what is going on? I have attached the
    > code but changed some information for security reasons.
    >
    > <cfldap
    > action="QUERY"
    > name="qryResults"
    > attributes="distinguishedname"
    > start=""
    > scope="SUBTREE"
    > filter = "(cn=#txtxNO#)"
    > username="testuser"
    > password="test"
    > server="server.com"
    > >
    >
    An LDAP administrator changed the password for or removed the 'testuser'
    account? Happened to me last week.

  • Sample connecting to LDAP Server in Java

    Hi,
    I am trying to establish SSL from a Java application (via Netscape Directory SDK 4.0 - Java version) to the Directory Server (ADS) in a secure manner - i.e. LDAP over SSL.
    I am trying to run this code...
    LDAPConnection ld = null;
    LDAPModificationSet attrs = new LDAPModificationSet();
    attrs.add(LDAPModification.REPLACE,new LDAPAttribute("unicodePwd", "testpassword"));
    try
    {
        LDAPSSLSocketFactory ssl = new LDAPSSLSocketFactory();
        ld = new LDAPConnection( ssl );
        /* Connect to server */
        ld.connect("10.10.10.7",636);
        /* Authenticate to the server as directory manager */
        ld.authenticate(adminDN,password);
        /* Now modify the entry in the directory */
        ld.modify( userDN, attrs );
    }
    catch(Exception e)
    {
        /* handler body is not shown in the post */
    }
    But I don't know where my program reads the Cert. info... I don't know
    if I have to import my internal CA via keytool or I have missed some
    special configuration ..
    When I run this code, the following error appears:
    netscape.ldap.LDAPException: Failed to create SSL socket (91); Cannot connect to the LDAP server
    at netscape.ldap.LDAPSSLSocketFactory.makeSocket(LDAPSSLSocketFactory.java:309)
    at edu.umassmed.chcf.security.ldap.LDAPHelper.setLDAPPassword(LDAPHelper.java:742)
    at edu.umassmed.chcf.security.administration.userhandler.UserHandlerBean.changePassword(UserHandlerBean.java:628)
    at edu.umassmed.chcf.security.administration.userhandler.UserHandlerBean_37ncs1_ELOImpl.changePassword(UserHandlerBean_37ncs1_ELOImpl.java:409)
    at edu.umassmed.chcf.security.administration.userfacade.UserManagerBean.changePassword(UserManagerBean.java:174)
    at edu.umassmed.chcf.security.administration.userfacade.UserManagerBean_3chmth_EOImpl.changePassword(UserManagerBean_3chmth_EOImpl.java:501)
    at edu.umassmed.chcf.sbb.action.ChangePasswordAction.perform(ChangePasswordAction.java:114)
    at org.apache.struts.action.ActionServlet.processActionPerform(ActionServlet.java:1787)
    at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1586)
    at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:510)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
    at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:265)
    at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:200)
    at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:2495)
    at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2204)
    at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:139)
    at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
    LDAPHelper - authenticateUser() - expLDAP.toString() netscape.ldap.LDAPException: Failed to create SSL socket (91); Cannot connect to the LDAP server
    Is this possible? If so, what hints can you give me to get started (any sample code would be greatly appreciated).
    Thanks in advance.
    With Regards,
    Gokul.

    hey guys .. i was struggling with the same thing - finally found this solution -
    use:
    import netscape.ldap.*;
    import netscape.ldap.factory.JSSESocketFactory;
    JSSESocketFactory fact = new JSSESocketFactory(null);
    //unless u wanna specify any specific ciphers in the constructor
    log("Factory created");
    LDAPConnection ld = new LDAPConnection(fact);
    log("Connection initialised");
    ld.connect(MY_HOST, MY_PORT);
    log("Connected");
    ld.authenticate(user, pwd);
    log("Authenticated!");
    Before running this, I used the "keytool" command line utility to import the SSL client certificate into my default trustStore .. as a trusted cert. Don't know if that's required.. but it worked :) Hope this helps.

  • Solaris 10 client - ldap_search: Can't connect to LDAP server

    Hello
    I have following configuration:
    - openLDAP server in Solaris 10 zone called ldap
    - native LDAP client in different Solaris 10 zone called mail on the same SPARC machine
    I can't get ldapsearch results after ldapclient initialization.
    [root@mail ~]# ldapsearch -b dc=pov,dc=pl objectclass=*
    ldap_search: Can't connect to the LDAP server - Connection refused
    But I am able to get data from LDAP server if address of the server is specified:
    [root@mail ~]# ldapsearch -b dc=pov,dc=pl -h 192.168.1.40 objectclass=*
    version: 1
    dn: ou=users,dc=pov,dc=pl
    objectClass: organizationalUnit
    ou: Users
    Here is ldapclient config:
    [root@mail ~]# ldapclient list
    NS_LDAP_FILE_VERSION= 2.0
    NS_LDAP_SERVERS= 192.168.1.40
    NS_LDAP_SEARCH_BASEDN= dc=pov,dc=pl
    NS_LDAP_AUTH= none
    NS_LDAP_CACHETTL= 0
    What am I missing?

    Hi, I'm no expert but I will try to help you. Are you still working on this?
    This is what my stuff looks like:
    # ldapclient list
    NS_LDAP_FILE_VERSION= 2.0
    NS_LDAP_BINDDN= uid=proxyagent,ou=People,dc=deathnote,dc=net
    NS_LDAP_BINDPASSWD= {NS1}ecfa88f3a945c411
    NS_LDAP_SERVERS= 10.0.1.21:389
    NS_LDAP_SEARCH_BASEDN= dc=deathnote,dc=net
    NS_LDAP_AUTH= none
    NS_LDAP_CACHETTL= 0
    NS_LDAP_CREDENTIAL_LEVEL= proxy
    NS_LDAP_SERVICE_SEARCH_DESC= passwd:ou=People,dc=deathnote,dc=net
    NS_LDAP_SERVICE_SEARCH_DESC= shadow:ou=People,dc=deathnote,dc=net
    NS_LDAP_SERVICE_SEARCH_DESC= group:ou=People,dc=deathnote,dc=net
    NS_LDAP_SERVICE_AUTH_METHOD= pam_ldap:simple
    [root@light migration]# cat user00.ldif
    dn: uid=user00,ou=People,dc=deathnote,dc=net
    uid: user00
    cn: user00
    objectClass: account
    objectClass: posixAccount
    objectClass: shadowAccount
    objectClass: top
    loginShell: /bin/bash
    uidNumber: 805
    gidNumber: 501
    homeDirectory: /home/user00
    gecos: ldap user
    Also update your hosts file and add your server to the domain.
    I hope this helps.
    Edited by: CyberNinja on Oct 22, 2011 12:37 PM

  • Problems getting Web server to connect with LDAP server.

    Have 4.1.8 iplanet Web and 4.13 LDAP running on Win2000 sp2. Both are working fine separately, i.e. 'have good anonymous LDAP://URL responses, and 'have working application CGI responses from web server. 'Have previously had same setup running on another server. However, with this install on win2000 cannot get Global settings LDAP feature to work ~ getting " An error occured while contacting th LDAP server. A connection to the the directory server could not be opened. Have checked DNS settings, etc. All seems to be in order. Any suggestions?

    Hi,
    What edition of Win 2K are you using (Pro/Server/Ad Server)? The problem could be your DNS settings only. Check which machine your DNS server is running on; is it on NT? If so, change it to Win 2K Server.
    Delete your LDAP machine's A record from the DNS server and add it again. This will solve your problem.
    Refer the URL :
    http://knowledgebase.iplanet.com/ikb/kb/articles/5135.html

  • C# error when connecting to ldap server that does not exist

    When using Novell.Directory.Ldap.dll and making a connection to an LDAP
    server which does not exist I'm getting the following error:
    Connection.freeWriteSemaphore(-2): semaphore not owned by any thread
    I'm using this to connect: conn.Connect(ldapHost, ldapPort);
    This error is not caught by LdapException. Can anyone tell me if this is
    a bug or do I have to do something different?

    Hi. I'm using version 2.1.11 of the NDK for CSharp. I'm getting this
    same error message:
    Code:
    Connection.freeWriteSemaphore(-2): semaphore not owned by any thread
    at Novell.Directory.Ldap.Connection.freeWriteSemaphore(Int32 msgId)
    at Novell.Directory.Ldap.Connection.connect(String host, Int32 port, Int32 semaphoreId)
    at Novell.Directory.Ldap.LdapConnection.Connect(String host, Int32 port)
    at TestLDAP.Program.Main(String[] args) in D:\Documents and Settings\tjbuege\my documents\visual studio 2010\Projects\TestLDAP\TestLDAP\Program.cs:line 20
    This occurs when I try to bind to a server that does not exist. Here
    is my sample source code that generates that error:
    Code:
    using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Text;
    using Novell.Directory.Ldap;
    namespace TestLDAP
    {
        class Program
        {
            static void Main(string[] args)
            {
                LdapConnection conn = null;
                string host = "server.does.not.exist.com";
                int port = 389;
                try
                {
                    conn = new LdapConnection();
                    conn.Connect(host, port);
                }
                catch (Exception ex)
                {
                    Console.WriteLine(ex.Message);
                    Console.WriteLine(ex.StackTrace);
                }
                if (conn != null)
                    conn.Disconnect();
            }
        }
    }
    Is there a fix for this? It makes this library useless for me.
    Thanks,
    Tim
    tjbuege

  • How to use Java to connect to LDAP server

    We have a requirement to get LDAP service through XI.
    Scenario is SAP <-> XI <-> LDAP
    It seems there is not a LDAP adapter for XI now, so, is it possible to embed a Java program to access LDAP server? We already have a program like this:
    SAP <-> Java (through JCo) <-> LDAP

    Thanks, I checked this document. Does it mean we still need to run a standalone java application?
    SAP -> RFC Adapter -> XI -> Java Proxy -> Java Application -> LDAP Server
    Is it possible just build the java application to a jar in XI ? The reason is, if we still need to run a Java application, and it can connect to SAP directly (through JCo). I cannot find any benefit to migrate to XI.
    Our wish is
    SAP -> RFC Adapter -> XI -> Java Proxy -> LDAP Server

  • Help on ldapsearch: ldap_search: Can't connect to LDAP server  -- No error

    Hi,
    I just want to do a basic search
    ldapsearch -h "xxx" -b "dc=yyy.com" -s sub "objectclass=*"
    Here is what I got:
    ldap_search: Can't connect to the LDAP server -- No error
    Please help
    Thanks,
    Lynne

    Since you haven't specified the -p (port) option, the default is taken to be 389. You might want to check that first.
    If that's fine, try to ping the host you are trying to access.
    One of the above should solve your problem.

  • How to connect a LDAP Server?

    When creating the LDAP Data Server in Topology Manager using the Sunopsis LDAP Open Connector, the following message is displayed:
    "A NamingException occured saying: [LDAP: error code 49 - Invalid Credentials]"
    I use the sunopsis JDBC driver:
    com.sunopsis.ldap.jdbc.driver.SnpsLdapDriver
    and set the parameters:
    jdbc:snps:ldap?ldap_url=ldap://10.182.255.38:389/&ldap_basedn=cn=Users,dc=cn,dc=oracle,dc=com
    the user is set to:
    cn=orcladmin,cn=Users,dc=cn,dc=oracle,dc=com OR cn=orcladmin OR orcladmin, the error is the same.
    Could anyone tell me how to solve this issue?

    I can't connect to the ldap server.
    Using a simple java program, no problem, ODI, no go.
    Some code I found on the internet to connect to the ldap server
    Note the comments on SECURITY_PRINCIPAL and SECURITY_CREDENTIALS.
    This works fine for me.
    If I try to do the same with ODI, it doesn't work.
    Why?
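    Kind regards,
    Frans.
    import java.util.Properties;
    import javax.naming.Context;
    import javax.naming.NameAlreadyBoundException;
    import javax.naming.NamingEnumeration;
    import javax.naming.directory.Attribute;
    import javax.naming.directory.Attributes;
    import javax.naming.directory.DirContext;
    import javax.naming.directory.InitialDirContext;

    // The class name and the two field values are placeholders; the post
    // does not show how ldapServerName and rootContext were defined.
    public class LdapConnectTest {
        static String ldapServerName = "ldap.example.com:389";
        static String rootContext = "dc=example,dc=com";

        public static void main( String[] args ) {
            // set up environment to access the server
            Properties env = new Properties();
            env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
            env.put( Context.PROVIDER_URL, "ldap://" + ldapServerName + "/" + rootContext);
            //env.put( Context.SECURITY_PRINCIPAL, rootdn );
            //env.put( Context.SECURITY_CREDENTIALS, rootpass );
            try {
                // obtain initial directory context using the environment
                DirContext ctx = new InitialDirContext( env );
                // now, create the root context, which is just a subcontext
                // of this initial directory context.
                //ctx.createSubcontext( rootContext );
                Attributes attr = ctx.getAttributes("");
                NamingEnumeration allAttr = attr.getAll();
                while (allAttr.hasMore()) {
                    Attribute a = (Attribute)allAttr.next();
                    System.out.println("attr: " + a.getID());
                    // enumerate this attribute's values (the post called attr.getAll() here)
                    NamingEnumeration values = a.getAll();
                    while (values.hasMore()) {
                        System.out.println("value: " + values.next());
                    }
                }
            }
            catch ( NameAlreadyBoundException nabe ) {
                System.err.println( rootContext + " has already been bound!" );
            }
            catch ( Exception e ) {
                System.err.println( e );
            }
        }
    }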

  • Connection to LDAP server ..ERROR

    Hello ,
    I am new to coding and I am trying to initiate a connection with the LDAP server, but I am not able to get going with the connection. The DBMS_LDAP package is available in the SYS schema in Toad, and I am trying to access it from the APPS schema. This is the code that I had written, and the errors are mentioned below. Can anyone please help in this regard?
    DECLARE
         ldap_host          VARCHAR2(256);
         ldap_port           PLS_INTEGER;
         l_session          SYS.DBMS_LDAP.session;
    BEGIN
         ldap_host := 'entro-dev.cisco.com';
         ldap_port := 389;
         l_session := SYS.DBMS_LDAP.init(ldap_host,ldap_port);
    END;     
    ERRORS...
    The following error has occurred:
    ORA-04068: existing state of packages has been discarded
    ORA-04067: not executed, package body "SYS.DBMS_LDAP" does not exist
    ORA-06508: PL/SQL: could not find program unit being called
    ORA-06512: at line 8
    Thanks,
    AK


  • "untrusted server cert chain" exception while connecting LDAP server

    While connecting to LDAP server using JNDI over JSSE ..This is happening when trying to get the initial context
    using
    InitialDirContext initContext = new InitialDirContext(env);
    where env is a hash table set with the default parametes.The certificate used for is a Novell CA certificate converted to X509 format and the key store is initialized with this

    This got resolved when the following was added in the code:
    System.setProperty("javax.net.ssl.trustStore", CertFileName);
    where CertFileName is the filename with complete path. The file is a CA certificate of the LDAP server
    in X509 format.

  • No trusted certificate found (91);Cannot connect to the LDAP server

    HI All,
    I am trying to connect to LDAP server with the following code.
    JSSESocketFactory fact = null;
    private LDAPConnection conn = null;
    String keystore = "C:\\j2sdk1.4.2_15\\jre\\lib\\security\\cacerts";
    System.setProperty("javax.net.ssl.trustStore",keystore);
    fact = new JSSESocketFactory(null);
    conn = new LDAPConnection(fact);
    int ldapVersion = 3;//LDAPConnection.LDAP_V3; //default values of LDAP settings
    private int ldapPort = 636;
    LDAPAttributeSet ldapAtrbSet;
    String ldapHost;
    String loginDN;
    String loginDN_Password;
    And it is giving me this error:
    Error: netscape.ldap.LDAPException: SSL connection to 192.168.10.8:636, sun.security.validator.ValidatorException: No trusted certificate found (91); Cannot connect to the LDAP server
    netscape.ldap.LDAPException: SSL connection to 192.168.10.8:636, sun.security.validator.ValidatorException: No trusted certificate found (91); Cannot connect to the LDAP server
         at netscape.ldap.factory.JSSESocketFactory.makeSocket(JSSESocketFactory.java:105)
         at netscape.ldap.LDAPConnSetupMgr.connectServer(LDAPConnSetupMgr.java:418)
         at netscape.ldap.LDAPConnSetupMgr.openSerial(LDAPConnSetupMgr.java:350)
         at netscape.ldap.LDAPConnSetupMgr.connect(LDAPConnSetupMgr.java:244)
         at netscape.ldap.LDAPConnSetupMgr.openConnection(LDAPConnSetupMgr.java:170)
         at netscape.ldap.LDAPConnection.connect(LDAPConnection.java:1042)
         at netscape.ldap.LDAPConnection.connect(LDAPConnection.java:924)
         at netscape.ldap.LDAPConnection.connect(LDAPConnection.java:768)
         at com.reflexis.LDAP.LdapTestSSL.createConnection(LdapTestSSL.java:522)
         at com.reflexis.LDAP.LdapTestSSL.checkLdap(LdapTestSSL.java:118)
         at com.reflexis.LDAP.LdapTestSSL.main(LdapTestSSL.java:52)
    Unable to connect to LDAP server
    I have imported atr certificate also by using command:
    "keytool -import -alias jag -file c:\x225.cer -keystore c:\j2sdk1.4.2_15\jre\lib\security\cacerts"
    I am running my Java code from Eclipse. Do I have to set anything in Eclipse for the certificate? I have imported the certificate from the command prompt.
    Can anyone please help me? It is very important for me.
    Please, it's very urgent.
    Thanks,
    Ankush Patni

    As previously said, network is a possible cause. Other things could be: time on the filer is too far off the time on the DC; the AD object for the filer has been deleted or changed by a Windows admin. If all users are experiencing a problem, you may need to rebind it to AD - run CIFS setup at the command prompt.
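
A check for the situation in the "No trusted certificate found" post above, where a certificate was imported with keytool but the handshake still fails: it resolves the trust store the running JVM reads by default and reports whether the given certificate is in it. This is an added example, not code from the thread; the class name TrustStoreCheck, its command-line arguments and the fallback password "changeit" are assumptions, and it needs Java 7 or later.

```java
import java.io.File;
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;

// Added example (hypothetical class name): is this CA certificate in the
// trust store that the running JVM actually uses for SSL/TLS validation?
public class TrustStoreCheck {
    public static void main(String[] args) throws Exception {
        if (args.length < 1) {
            System.err.println("usage: java TrustStoreCheck <cert.cer> [storepass]");
            System.exit(2);
        }
        // JSSE default lookup order: the javax.net.ssl.trustStore property,
        // then <java.home>/lib/security/jssecacerts, then .../cacerts.
        String javaHome = System.getProperty("java.home");
        String path = System.getProperty("javax.net.ssl.trustStore");
        if (path == null) {
            File jsse = new File(javaHome, "lib/security/jssecacerts");
            path = jsse.exists() ? jsse.getPath()
                                 : new File(javaHome, "lib/security/cacerts").getPath();
        }
        // Assumption: the store still has the stock cacerts password.
        char[] pass = (args.length > 1 ? args[1] : "changeit").toCharArray();
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = new FileInputStream(path)) {
            ks.load(in, pass);
        }
        X509Certificate cert;
        try (InputStream in = new FileInputStream(args[0])) {
            cert = (X509Certificate) CertificateFactory.getInstance("X.509")
                                                       .generateCertificate(in);
        }
        System.out.println("JVM home    : " + javaHome);
        System.out.println("Trust store : " + path + " (" + ks.size() + " entries)");
        System.out.println("Subject     : " + cert.getSubjectX500Principal());
        System.out.println("Issuer      : " + cert.getIssuerX500Principal());
        // -1 means the basicConstraints CA flag is not set on this certificate.
        System.out.println("CA path len : " + cert.getBasicConstraints());
        try {
            cert.checkValidity(); // expired or not yet valid certificates fail here
        } catch (CertificateException e) {
            System.out.println("Not valid now: " + e.getMessage());
        }
        String alias = ks.getCertificateAlias(cert);
        System.out.println(alias != null ? "Present under alias: " + alias
                                         : "NOT present in this trust store");
    }
}
```

Run it with the same JRE and the same -D options as the failing program (for example from the same Eclipse run configuration), so that java.home and javax.net.ssl.trustStore match what the LDAP client sees.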
