LDAP Binding issue.

Hi,
I've been testing out the novell ldap library against an openldap
server and found an issue with the binding.
When I try to do the following (c#):
Code:
string password = "MyPass"
LdapConnection conn = new LdapConnection();
conn.Connect("ldap", 389);
conn.Bind("uid="michael",ou=people,o=myfirm", password + "test"); // should not authenticate as I add test to the password string.
This seems to authenticate me all fine and don't give me a ldap
exception that I get if "MyPass" is wrong. So as long as the password is
correct I can add whatever chars to the end and it will still
authenticate.
Am I doing something wrong or is this a bug?
Regards,
Michael.
mikeso
mikeso's Profile: http://forums.novell.com/member.php?userid=48915
View this thread: http://forums.novell.com/showthread.php?t=367505

Did some more testing with our operations deparment and this seems to be
an error on our ldap server with some users.
Sorry for taking up your time.
Regards,
Michael.
mikeso
mikeso's Profile: http://forums.novell.com/member.php?userid=48915
View this thread: http://forums.novell.com/showthread.php?t=367505

Similar Messages

  • LDAP Bind Failure

    Hi All,
    We are facing the issue "LDAP bind failure:Cant contact LDAP server".
    We are facing for now and then....Can you guys tell me the corrective action to correct this?
    Our LDAP server is Novel e-directory.
    RMD

    Try referring http://rnm1978.wordpress.com/2010/12/02/troubleshooting-obiee-ldap-adsi-authentication/
    Hope it helps

  • Attachment binding issue in workflow

    Hi All,
    I have used FM 'SAP_WAPI_ATTACHMENT_ADD ' in method of my workflow. Here after executing this FM i m getting id of the attachment for this workitem. But now i need to assign this to  '_Attach_Objects' of workflow container. so please help me for this binding issue. which i need to bind from method to> task to> workflow. so from next step onwards in workflow i will get that attachment.
    Smit Shah

    Hi,
    1) In the T.code SWO1, you have to create a custom method for the BO, there execute that method and check whether it working fine
    2) Then goto  T.code PFTC and Create a Task (Task no. will generate automatically), then call this method and generate the binding
    3) Goto  T.code SWDD and call that Task by assigning that Task no. and assign the binding
    Then test your workflow.
    For the Binding see this [link|http://help.sap.com/saphelp_nw04/helpdata/en/c8/bfc39b0fc57a49a0291378f8be0cd6/frameset.htm].
    Regards,
    Surjith

  • LDAP Bind Failure: Can't contact LDAP server in Presentation Server

    I have configured LDAP configuration in the RPD and am able to connect to the LDAP from the BI server. Its returning the information i need when i test through the admin tool. But when i try to log in from the PS using the same network id and password, it gives me the below error:
    State: 08004. Code: 10018. [NQODBC] [SQL_STATE: 08004] [nQSError: 10018] Access for the requested connection is refused. [53003] LDAP bind failure: Can't contact LDAP server. (08004).
    I know for sure, the network connectivity is working as i get my results back from the BI Server. Please advise, if i need to change other configurations on the Presentation end. As my network folks have run out of ideas. Thx!

    user9125812 wrote:
    Yes, i am pinging from OBIEE Server through the RPD and i am successful.Pinging the OBIEE Server through the RPD? Ping is a DOS command, how can oyu "ping through the RPD".
    Can you go to the server, open a CMD windows and do "ping nsldap.companyname.com" and see if it works. If it works it could be that the LDAP port is blocked by a firewall or OBIEE is not able to make a connection. Make sure you are using the correct port as well. Install an LDAP client in your OBIEE Server and test that you can connect to your LDAP server from your OBIEE Server, not from the RPD. You can use this:
    http://jxplorer.org/

  • Problem removing LDAP binding

    Hello,
    When we set up our 10.6 server we did not know about the message it broadcasts offering to give "services" to clients, ie bind them to LDAP. Last fall several of our boarding students chose this option on their personal macs and they got our school login window and got restricted access to their computer. I showed them how to option-login and deselect management and remember the choice. I then went to the login options and unjoined them from the server.
    On at least one machine, this has not reverted the machine to the usual, unmanaged login box. I have trashed all mcx preferences to no avail. How can I remove all traces of the LDAP binding from this machine?
    Thank you,
    Kevin Kopchynski

    OK, I think I have gotten this done.
    The student actually used their full name on their computer account, which of course we also have on our Open Directory setup. I changed this on his computer so that there will be no conflict.
    I have also determined that the network information such as the green light will show up on a computer that has never been bound to LDAP.
    But it will NOT, as this student's had been, offer the local admin to bypass management or even respond to the option key at login.
    After changing the account I ran through all of the deletions mentioned by Antonio, still got the option to bypass management, but I hit "remember" and refresh preferences. That seemed to be the finishing touch. The machine no longer responds to the option key at login.
    By the time I did this mcxquery showed "no information available"
    Thanks again for the help.
    Kevin Kopchynski

  • CUCiMOC LDAP disconnected issue

    Hi,
    I am doong a new deployment for a customer with CCM7.1.3-2000-2, OCSR2 client. Everything works okay, except that CUCiMOC keeps showing LDAP disconnected. I can login, use deskphone and softphone but it wont bind to LDAP.
    I used wireshark to trace ldap bind request and response and I can see a successful ldap bind request, but when CUCiMOC attempts to do a search in the search base it returns 0 results.  This search base is the same used for CCM ldap directory configuration and users were succesfully imported into CCM.
    Under server health exceptions, There is no indication of any error..Still LDAP remain disconnected. I have tried on boith windows vista and windows 7.
    Any ideas please??

    Did you populate the registry correctly?  If you used .adm file to push group policy, the .adm file Cisco provided didn't have all values populated.
    If you look at the Wirshark, you'll notice that the search filter was incorrect.  For example, you'll see a filter "=johndoe" (while the correct one should be "sAMaccountID=johndoe".
    I would recommend you open the .bat file Cisco provided and modify your .adm file.
    Michael
    http://htluo.blogspot.com

  • A data-binding issue with a combo box.

    Hi,
    Iu2019m having a data-binding issue with a combo box.  The field it is bound to is an integer.  The valid values in the combo box are 1, 2, and 3.  If I add a record when it is set to 1 or 2, the value gets stored correctly.  If I add a record when it is set to 3, it is stored as 1.  However, I can bring up the record just added on the form, change it to 3, and click u201CUpdateu201D and it is saved correctly as 3.  If I change it so that the valid values are 4, 5, and 6, it saves a 1 regardless of what is selected in the combo box.  It looks like the combo box is correctly bound for updates but not for adds.  The table is a master type UDO.  Any ideas?  Iu2019m somewhat committed to the field being an integer.  I'm using 2007A PL47.
    Thanks,
    Mike
    Edited by: Mike Angelastro on Jul 1, 2009 2:43 PM

    I tried a few things on my own.  The result is that I decided that it was not a good idea to use a combo box bound to an integer (numeric) field.  I donu2019t think the SDK can handle it.  The reason it was an integer field in the first place is that before I changed it to a combo box it was a group of two option buttons.  Option buttons use an integer (numeric) field.  This worked just fine until I added a third option; the SDK didnu2019t handle the third option correctly when adding records.  I thought that using a combo box instead would fix that.  I was wrong; the problem remained.  So I decided to use a character (alphanumeric) field instead.  This works just fine.
    So here is my advice:  Never use option buttons if they need to be bound to the database; a combo box will actually work better when bound to the database.  But use a character (alphanumeric) field.
    Edited by: Mike Angelastro on Jul 5, 2009 9:15 PM

  • How to catch the return value of ldap- bind?

    For net::ldap,
    my $ldap = Net::LDAP->new( .. );
    $ldap->bind($DN,$password);
    if the bind failed, what's the returned value for this?
    Many examples I read suggested "undef" is returned, but looks like it's not the case on Sun Solaris.
    Marg8

    somehow "undef" is not returned.
    for ldap->bind($DN,$password) or die "can't bind";
    it always continue no matter what DN or password you put in.
    So looks to me it returned something else.
    Marg8

  • OVD Custom LDAP Bind Plugin

    I need to build a java plug-in for ovd in order to implement a custom ldap bind operation. In my case I am using ovd database adapter to expose a legacy hr application as a ldap directory but the legacy hr application uses the php crypto() function to store a DES hash based version of the end user password into a database table. Any help is more than appreciated.

    i was abe to implement the custom bind plug-in using the following documentation
    http://www.oracle.com/technetwork/middleware/id-mgmt/virtual-directory-custom-plugins-wp-188785.pdf
    http://docs.oracle.com/cd/E21764_01/oid.1111/e10046/adv_cust.htm#CEGJCFGE
    Custom Plug-in Code
    package br.gov.funasa.siarh.vde;
    import com.asn1c.core.Bool;
    import com.octetstring.vde.Credentials;
    import com.octetstring.vde.chain.Chain;
    import com.octetstring.vde.chain.ChainException;
    import com.octetstring.vde.syntax.BinarySyntax;
    import com.octetstring.vde.syntax.DirectoryString;
    import com.octetstring.vde.util.DirectoryException;
    public class CustomBindPlugin extends com.octetstring.vde.chain.BasePlugin {
    public CustomBindPlugin() {
    super();
    public void bind(Chain chain, Credentials creds, DirectoryString dn,
    BinarySyntax password, Bool result) throws DirectoryException,
    ChainException {
    //TO DO: Add equivalent code to check the password using the legacy hr application custom hash algorithm
    result.setValue(true);
    vde-properties.txt file that must be appended in MANIFEST.MF Jar file
    vde-package-classname: br.gov.funasa.siarh.vde.CustomBindPlugin
    vde-package-type: 0
    vde-package-version: 1
    vde-package-description: Custom bind for Siarh tha uses DES to check the user password
    vde-package-name: SiarhCustomBindPlugin
    vde-package-ops-add: false
    vde-package-ops-delete: false
    vde-package-ops-bind: true
    vde-package-ops-modify: false
    vde-package-ops-rename: false
    vde-package-ops-get: false

  • PAS with LDAP bind

    Hi,
    I have a similar requirement re PAS with LDAP bind. Is anybody on SCN able to share your solution?
    Thanks & regards
    Anthony
    Message was edited by: Oisin ONidh
    Branched to a NEW thread as was posted onto an OLD thread. Modify thread to reflect this change
    ITS SCN Moderator

    Hello Anthony,
    Can you provide further details on your query and also it's relation to using ITS/WEBGUI?
    Regards,
    Oisin

  • Ldap bind mechanism in java

    Hello all,
    Im facing find solution for ldap bind similar to [ldap_bind|http://php.net/manual/en/function.ldap-bind.php] function in php.
    it seems easy and nice.
    I had look around the web and some forums and got direction to use this
    But this is not similar solution as in php.
    ldap_bind use only conection, userName and password dont know nothing about password hash method and will verify credentials as valid or invalid.
    Anyone have informaiton or ideas how to do it in java?
    Petr, cz
    Edited by: PetrCZ on May 19, 2010 11:22 PM
    Edited by: PetrCZ on May 19, 2010 11:23 PM

    You don't need to know the LDAP hash at all to do a bind and user password check. That's against security - why would a administrator let anyone know what hashing he uses - thats letting an important piece of your security out (even though thesemodern hashes are pretty much ir-reversible)
    All you need is use Sun JNDI code to do a bind , use authentication method Simple and then gives user's id and password in clear-text. Directory server will itself take care of converting clear text password passed by you and comparing it with hashed user password in LDAP.
    From your code perspective if you get a DirContext back - your bind was successful otherwise you will get a NamingEnumeration exception.
    try reading through DirContext InitialDirContext ... just do a random search and you should get numerous helper code over internet.

  • Augmented users LDAP bind

    Is there a way to bind augmented users, say via "ldapsearch", or make a web authentication by LDAP bind.
    How is apple's collaboration suite authenticating Augmented users.
    Have tried most compinations and just cant bind Augmented users via LDAP.

    Sorry, I posted at wrong location.

  • [svn:cairngorm3:] 17187: Fixed binding issue on the source property of the contact's picture

    Revision: 17187
    Revision: 17187
    Author:   [email protected]
    Date:     2010-08-04 13:44:35 -0700 (Wed, 04 Aug 2010)
    Log Message:
    Fixed binding issue on the source property of the contact's picture
    Modified Paths:
        cairngorm3/trunk/samples/insync/insync-modularExtended-contacts/src/insync/contacts/prese ntation/ContactForm.mxml

    Revision: 17187
    Revision: 17187
    Author:   [email protected]
    Date:     2010-08-04 13:44:35 -0700 (Wed, 04 Aug 2010)
    Log Message:
    Fixed binding issue on the source property of the contact's picture
    Modified Paths:
        cairngorm3/trunk/samples/insync/insync-modularExtended-contacts/src/insync/contacts/prese ntation/ContactForm.mxml

  • [svn:cairngorm3:] 17186: Fixed binding issue on the source property of the contact's picture

    Revision: 17186
    Revision: 17186
    Author:   [email protected]
    Date:     2010-08-04 13:43:41 -0700 (Wed, 04 Aug 2010)
    Log Message:
    Fixed binding issue on the source property of the contact's picture
    Modified Paths:
        cairngorm3/trunk/samples/insync/insync-basic/src/insync/presentation/ContactForm.mxml

    Revision: 17186
    Revision: 17186
    Author:   [email protected]
    Date:     2010-08-04 13:43:41 -0700 (Wed, 04 Aug 2010)
    Log Message:
    Fixed binding issue on the source property of the contact's picture
    Modified Paths:
        cairngorm3/trunk/samples/insync/insync-basic/src/insync/presentation/ContactForm.mxml

  • LDAP Authentication Issues

    I hope someone can help me with these issues:
    ISSUE 1
    I am attempting to get WebLogic to authenticate to NDS via LDAP. Currently this is
    working but only by using the "bind" option for User Authentication when setting
    up the LDAP realm. The issue that I am having is that I need NDS to perform the authentication
    for me and to return just a "yes" or "no" answer. This would imply that the user
    authentication method to use is "external". However, everytime we setup "external"
    on the LDAP Realm, WebLogic DOES NOT startup - it complains of an invalid user authentication
    mechanism.
    ISSUE 2
    The second issue involves setting up the WebLogic LDAPRealm to cater for more than
    one group.
    The NDS server consists of a tree with about 5 organisational units. Each of the
    organisational unit (OU) is a logical division of the business. Users that will use
    the product we are implementing will fall into two of the five OUs. There seems to
    be no way in WebLogic 6.0 to specifiy more that one group in the LDAP realm settings.
    This implies that the WebLogic groups need to lie at root level, which make absolutely
    no sense structurally. Also given that there are 2000 users on the system and they
    all have different NDS contexts, searching for users when authenticating is going
    to affect the performance and response time of WebLogic.
    How can I setup various contexts in WLS' LDAPRealm?

    I hope someone can help me with these issues:
    ISSUE 1
    I am attempting to get WebLogic to authenticate to NDS via LDAP. Currently this is
    working but only by using the "bind" option for User Authentication when setting
    up the LDAP realm. The issue that I am having is that I need NDS to perform the authentication
    for me and to return just a "yes" or "no" answer. This would imply that the user
    authentication method to use is "external". However, everytime we setup "external"
    on the LDAP Realm, WebLogic DOES NOT startup - it complains of an invalid user authentication
    mechanism.
    ISSUE 2
    The second issue involves setting up the WebLogic LDAPRealm to cater for more than
    one group.
    The NDS server consists of a tree with about 5 organisational units. Each of the
    organisational unit (OU) is a logical division of the business. Users that will use
    the product we are implementing will fall into two of the five OUs. There seems to
    be no way in WebLogic 6.0 to specifiy more that one group in the LDAP realm settings.
    This implies that the WebLogic groups need to lie at root level, which make absolutely
    no sense structurally. Also given that there are 2000 users on the system and they
    all have different NDS contexts, searching for users when authenticating is going
    to affect the performance and response time of WebLogic.
    How can I setup various contexts in WLS' LDAPRealm?

Maybe you are looking for

  • No total recall after change from Windows Logic Platinum 5.5.1 to Intel Mac

    Hi Logic-users, up to now I was using Logic 5.5.1 on a Windows-PC. Some days ago I changed over to Intel Mac and Logic 7.2.3. When opening a 5.5.1-Song it is converted from ASIO to Core Audio. But then I got a problem with spectrasonics Stylus RMX wh

  • NVIDIA and external monitor

    W520, Windows 7 (64 bit), NVIDIA Quadro 1000M 2GB DDR3, purchased November 2011. Problems (related?): -External monitor remains unrecognized when connected to W520. -NVIDIA not recognized or working.   Maybe reason external monitor not recognized? Tr

  • Anyone know of Acrobat 8 training on forms and interactivity (not beginner)

    Does anyone know of any good professional training videos for Mac users? I've been searching for some really good online videos (free or paid, as long as they are good!) particularly for creating complex forms with lots of interactivity. Most of the

  • XMLSocket NULL byte generation

    Hi, I'm trying to get an external script to communicate with an application instance running on my Flash Interactive Media Server installation. I've got the following server side actionscript in my AppStart(): this.socket = new XMLSocket("test"); thi

  • Business Object Demo System

    Hi, We are planning to install BO in our organization as a demo version. can any one please let me know what is the price to purchase a Demo version. and also please let me know what are the list of stuff i need to buy along with that. appreciate you