We are using FastBind to our Active directory, and we use in the form of: [email protected]
So if your Active Directory domain is ad.school.ad.uk you just add that on to the end of the user ID, saves having to look up the full CN. Thanks Paul On 16 Feb 2010, at 17:13, Marvin Addison wrote: > I see from your deployerConfigContext.xml that you're using the > FastBind handler with a DN of the form > sAMAcountName=%u,dc=domain,dc=ac,dc=uk. I'm fairly certain that AD > DNs don't look like that; on the contrary they are typically something > like CN=Administrator,OU=Users,dc=domain,dc=ac,dc=uk. You can > certainly authenticate users by sAMAccountName, but you'll likely have > to use the Bind handler, which performs the typical 2-phase LDAP > search-and-bind authentication. See > http://www.ja-sig.org/wiki/display/CASUM/LDAP for more information on > the different use cases of Bind and FastBind. > > Additionally, don't forget to remove > org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler > from your list of authentication handlers before you go to production. > > M > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > This email and any attachments are confidential and intended solely for the use of the addressee and may contain information which is covered by legal, professional or other privilege. If you have received this email in error please notify the system manager at [email protected]. The University's computer systems may be monitored and communications carried on them recorded to secure the effective operation of the system and for other lawful purposes. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
