Any one can help me here?
On Tuesday, July 31, 2018 at 1:50:46 PM UTC+5:30, Jay wrote:
>
> Hi Everyone,
>
> Has any one faced the following issue when trying to change a password in
> Active Directory through LDAP.
>
> org.ldaptive.LdapException: javax.naming.NoPermissionException: [LDAP:
> error code 50 - 00000005: SecErr: DSID-031A1256, problem 4003 (
> INSUFF_ACCESS_RIGHTS), data 0
> ]; remaining name 'CN=test1,OU=People,OU=Palm
> Drive,OU=LNSS,DC=dev-<domain>,DC=net'
>
> Is it something to do with the Bind account or any settings that I am
> missing in the CAS application.
>
> Below is my LDAP properties defined for Password change functionality.
>
> cas.authn.pm.ldap.type=AD
> cas.authn.pm.ldap.ldapUrl=ldaps://<dev-ldapserver>:636/
> cas.authn.pm.ldap.baseDn=DC=dev-<domain>,DC=net
> cas.authn.pm.ldap.bindDn=CN=wls,OU=People,OU=LTI,DC=dev-<domain>,DC=net
> cas.authn.pm.ldap.bindCredential=********
> cas.authn.pm.ldap.searchFilter=sAMAccountName={user}
>
> We have separate CAS properties defined for LDAP as below
> cas.authn.ldap[0].type=AUTHENTICATED
> cas.authn.ldap[0].ldapUrl=ldaps://<dev-ldapserver>:636/
> cas.authn.ldap[0].baseDn=DC=dev-<domain>,DC=net
> cas.authn.ldap[0].bindDn=CN=wls,OU=People,OU=LTI,DC=dev-<domain>,DC=net
> cas.authn.ldap[0].bindCredential=********
> cas.authn.ldap[0].searchFilter=sAMAccountName={user}
>
>
> Your inputs is much appreciated.
>
> Thanks & Regards,
> Jay
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/c7f71a60-e6c7-4a4b-8dc8-748303cec6ce%40apereo.org.
