Felix
Am 08.02.22 um 19:13 schrieb Michael Santangelo:
I changed my config to: cas.authn.ldap[0].order=0 cas.authn.ldap[0].name=Tech Active Directory cas.authn.ldap[0].type=AD cas.authn.ldap[0].ldapUrl=ldap://<hostname>:389 cas.authn.ldap[0].validatePeriod=270 cas.authn.ldap[0].poolPassivator=NONE cas.authn.ldap[0].searchFilter=sAMAccountName={user} cas.authn.ldap[0].baseDn=OU=Technology,OU=Staff,DC=CHS,DC=... cas.authn.ldap[0].dnFormat=CN=%s,OU=Technology,OU=Staff,DC=... cas.authn.ldap[0].type=AUTHENTICATED cas.authn.ldap[0].bindDn=CN=casbind,CN=Users,DC=... cas.authn.ldap[0].bindCredential=<a password>And now it's working for people in that OU... Time to see if I can expand it to the entire Staff OU...On Tuesday, February 8, 2022 at 11:03:31 AM UTC-5 Michael Santangelo wrote:Hello all, Forgive me for this, I'm brand new to CAS and I'm trying to get LDAP working. I built an Ubuntu VM and did initial setup by doing: 1. git clone https://github.com/apereo/cas-overlay-template 2. I did some initial config changes in the cas.properties to get SSL up and running 3. Ran sudo ./gradlew clean copyCasConfiguration build run 4. I can login using the casuser and the default password as expected. This part is all working fine. So I tried adding LDAP support by: 1. Modify build.gradle by adding implementation "org.apereo.cas:cas-server-support-ldap:${project.'cas.version'}" to the dependencies section. 2. Modify cas.properties by adding: # Disable casuser cas.authn.accept.users= # LDAP Servers Authenticated cas.authn.ldap[0].ldapUrl=ldap://<ldap server ip>:389 #cas.authn.ldap[0].usessl=false cas.authn.ldap[0].useStartTls=false cas.authn.ldap[0].type=AUTHENTICATED cas.authn.ldap[0].bindDn=cn=cas bind,CN=Users,DC=... cas.authn.ldap[0].bindCredential=<the password> # LDAP Servers Authenticated # Search For CAS User cas.authn.ldap[0].baseDn=OU=Technology,OU=Staff,DC=CHS,DC=... cas.authn.ldap[0].subtreeSearch=true #cas.authn.ldap[0].searchFilter=(&(objectClass=person)(uid={user})) #cas.authn.ldap[0].searchFilter=uid={user} cas.authn.ldap[0].searchFilter=sAMAaccountName={user} #cas.authn.ldap[0].principalAttributeList=cn,givenName,mail,sn # Search for CAS User 3. Ran sudo ./gradlew clean copyCasConfiguration build run The page loads as usual. I am unable to login as casuser, which is expected. I cannot login with any domain credentials. In the log I get an error: 2022-02-08 15:43:49,567 INFO [org.apereo.cas.authentication.DefaultAuthenticationManager] - <[LdapAuthenticationHandler] exception details: [Unable to resolve user dn for <a username>].> So I tried to verify that the server can connect via LDAP: ldapsearch -H ldap://<ldap server ip>:389 -D "CN=cas bind,CN=Users,DC=..." -W samaccountname=<a username> -b "OU=Technology,OU=Staff,DC=..." -v And I receive a valid result. I'm not sure where the disconnect is, or what else I should search for. Any tips or suggestions that you could provide would be helpful. I'm attaching the output of Task :run. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG ---You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/bff98751-3a50-4786-81a9-cc38a6228cc4n%40apereo.org <https://groups.google.com/a/apereo.org/d/msgid/cas-user/bff98751-3a50-4786-81a9-cc38a6228cc4n%40apereo.org?utm_medium=email&utm_source=footer>.
-- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG--- You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/dad9c50c-89b1-bb0a-acb4-40fda83823c1%40internetallee.de.
OpenPGP_0xEA6C3728EA91C4AF.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature