I think the response from Danny is more to the point. This seems to be the LDAP plug-in and not the sample plug-in you were talking about (given the name). To wit: AREA.SSO vs. ARSYS.AREA.LDAP Cheers Ben
_____ From: Action Request System discussion list(ARSList) [mailto:[email protected]] On Behalf Of Rodriguez, Rafael J x23718 Sent: May 25, 2010 6:45 PM To: [email protected] Subject: Re: BMC's Sample SSO White Paper/Code ** Thanks Ben I've checked this and all seems ok from network communication standpoint. _____ From: Action Request System discussion list(ARSList) [mailto:[email protected]] On Behalf Of Ben Chernys Sent: Tuesday, May 25, 2010 8:41 AM To: [email protected] Subject: FW: BMC's Sample SSO White Paper/Code ** Also check actual communication. ie traceroute / tracert and telnet ... May be a firewall issue. Cheers Ben _____ From: Ben Chernys [mailto:[email protected]] Sent: May 25, 2010 2:33 PM To: '[email protected]' Subject: RE: BMC's Sample SSO White Paper/Code >From your own logs: <PLGN> <TID: 005300> <RPC ID: 0000000285> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:04:31.5810 */<ARSYS.AREA.LDAP> <SEVERE> Bind: Can't connect to the LDAP server (LDAPERR Code 91) from winldap.h LDAP_CONNECT_ERROR = 0x5b, (same error codes in UNIX) 0x5b == 91 in decimal. Suggest you check communication to LDAP and setting thereof: ports, servers etc. Cheers Ben Chernys Senior Software Architect Software Tool House Inc. Canada / Deutschland / Germany Mobile: +49 171 380 2329 GMT + 1 + [ DST ] Email: <mailto:[email protected]> Ben.Chernys _AT_ softwaretoolhouse.com Web: <http://www.softwaretoolhouse.com/> www.softwaretoolhouse.com Check out Software Tool House's free Diary Editor. Meta-Update, our premium ARS Data tool, lets you automate your imports, migrations, in no time at all, without programming, without staging forms, without merge workflow. <http://www.softwaretoolhouse.com/> <http://www.softwaretoolhouse.com/> http://www.softwaretoolhouse.com/ _____ From: Action Request System discussion list(ARSList) [mailto:[email protected]] On Behalf Of Rodriguez, Rafael J x23718 Sent: May 25, 2010 2:18 PM To: [email protected] Subject: Re: BMC's Sample SSO White Paper/Code ** Danny this is what I'm getting on the failed server: <PLGN> <TID: 005300> <RPC ID: 0000000285> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:04:30.6390 */+VL AREAVerifyLoginCallback -- user v096brtt <PLGN> <TID: 005300> <RPC ID: 0000000285> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:04:30.6390 */<ARSYS.AREA.LDAP> <FINEST> AREAVerifyLoginCallback <PLGN> <TID: 005300> <RPC ID: 0000000285> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:04:30.6390 */<ARSYS.AREA.LDAP> <FINER> ldap_init("jsqremedy2", 389) <PLGN> <TID: 005300> <RPC ID: 0000000285> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:04:30.6390 */<ARSYS.AREA.LDAP> <FINER> connect timeout previously: -1 <PLGN> <TID: 005300> <RPC ID: 0000000285> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:04:30.6390 */<ARSYS.AREA.LDAP> <FINER> connect timeout used: 35000 <PLGN> <TID: 005300> <RPC ID: 0000000285> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:04:30.6390 */<ARSYS.AREA.LDAP> <FINER> ldap_simple_bind("null", null) <PLGN> <TID: 005300> <RPC ID: 0000000285> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:04:31.5810 */<ARSYS.AREA.LDAP> <SEVERE> Bind: Can't connect to the LDAP server (LDAPERR Code 91) <PLGN> <TID: 005300> <RPC ID: 0000000285> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:04:31.5810 */<ARSYS.AREA.LDAP> <SEVERE> Bind: ldap_simple_bind failed [null] <PLGN> <TID: 005300> <RPC ID: 0000000285> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:04:31.5810 */-VL FAIL This is what I get on my qa server: <PLGN> <TID: 000776> <RPC ID: 0000000421> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:11:35.7020 */+VL AREAVerifyLoginCallback -- user v096raro <PLGN> <TID: 000776> <RPC ID: 0000000421> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:11:35.7020 */<AREA.SSO> <INFO> Username: <PLGN> <TID: 000776> <RPC ID: 0000000421> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:11:35.7020 */<AREA.SSO> <INFO> v096raro <PLGN> <TID: 000776> <RPC ID: 0000000421> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:11:35.7020 */<AREA.SSO> <INFO> Network Address: <PLGN> <TID: 000776> <RPC ID: 0000000421> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:11:35.7020 */<AREA.SSO> <INFO> 149.83.18.20 <PLGN> <TID: 000776> <RPC ID: 0000000421> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:11:35.7020 */<AREA.SSO> <INFO> Auth String: <PLGN> <TID: 000776> <RPC ID: 0000000421> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:11:35.7020 */<AREA.SSO> <INFO> Qk1DIFJlbWVkeSBBUlN5c3RlbQ== <PLGN> <TID: 000776> <RPC ID: 0000000421> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:11:35.7020 */<AREA.SSO> <INFO> Login request not coming from the BOXI-IP, checking MID-TIER-IP's... <PLGN> <TID: 000776> <RPC ID: 0000000421> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:11:35.7020 */<AREA.SSO> <INFO> User logging in from a matching Authentication String and Mid-Tier IP: <PLGN> <TID: 000776> <RPC ID: 0000000421> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:11:35.7020 */<AREA.SSO> <INFO> 149.83.18.20 <PLGN> <TID: 000776> <RPC ID: 0000000421> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:11:35.7020 */<AREA.SSO> <INFO> User passed AREA SSO authentication. Login Success <PLGN> <TID: 000776> <RPC ID: 0000000421> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:11:35.7020 */-VL OK <PLGN> <TID: 000776> <RPC ID: 0000000422> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:11:35.7180 */+NS AREANeedToSyncCallback <PLGN> <TID: 000776> <RPC ID: 0000000422> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:11:35.7180 */-NS OK -- 0 <PLGN> <TID: 002876> <RPC ID: 0000000014> <Queue: Prv: 10005> <Client-RPC: 999999> /* Tue May 25 2010 08:12:04.0480 */Plug-In Trace Log -- OFF _____ From: Action Request System discussion list(ARSList) [mailto:[email protected]] On Behalf Of Danny Kellett Sent: Monday, May 24, 2010 3:07 PM To: [email protected] Subject: Re: BMC's Sample SSO White Paper/Code ** Sorry Rafael, I didn't see you replied. The log is not verbose enough. Make sure you have the plugin log level set to ALL From: Action Request System discussion list(ARSList) [mailto:[email protected]] On Behalf Of Zaayer, Ben (Information Technology) Sent: 24 May 2010 19:46 To: [email protected] Subject: Re: BMC's Sample SSO White Paper/Code ** Rafael, we are using the same plug-in provided by BMC's sample code and have a config file, areasso.cfg on the AR Server, that must contain all of the Mid Tier IP addresses, as well as any load-balanced virtual IPs or it will give that error message. Also, on the Mid Tier box make sure that your config.properties and sso.properties in the WEB-INF\classes directories are configured properly. Almost every time we have run into this error it was because one of the Mid Tier or load balanced IPs changed. Ben From: Action Request System discussion list(ARSList) [mailto:[email protected]] On Behalf Of Rodriguez, Rafael J x23718 Sent: Saturday, May 22, 2010 3:48 PM To: [email protected] Subject: Re: BMC's Sample SSO White Paper/Code ** Hello Danny here is a sample of my arplugin log ..snip.. _attend WWRUG10 www.wwrug.com ARSlist: "Where the Answers Are"_ This message and any attachments are intended only for the use of the addressee and may contain information that is privileged and confidential. If the reader of the message is not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail and delete the message and any attachments from your system. _attend WWRUG10 www.wwrug.com ARSlist: "Where the Answers Are"_ _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug10 www.wwrug.com ARSlist: "Where the Answers Are"
