Hi Marvin and Paul Thanks for that - problem solved
John Baker ICT Operations Manager Tel: 01472 875000 Ext: 157 Fax: 01472 875019 EMAIL DISCLAIMER/CONFIDENTIALITY STATEMENT This email message and any attachments are confidential and intended for the addressee(s) only. If they have come to you in error then you must not disclose, copy or distribute the contents to anyone. Please notify sender of the error and ensure you delete the message and any attachments from your system. Franklin College accepts no responsibility for computer viruses and recommends that the addressee check for viruses before opening any attachments. Any views or opinions presented are solely those of the author and do not necessarily represent those of Franklin College. The college does not accept legal responsibility for those views. The Internet is not secure and therefore Franklin College does not accept legal responsibility for the contents of this message. Please note that Franklin College may intercept inbound and outbound messages. -----Original Message----- From: Vitty, Paul [mailto:[email protected]] Sent: 16 February 2010 17:18 To: [email protected] Subject: Re: [cas-user] CAS LDAP authentication problem We are using FastBind to our Active directory, and we use in the form of: [email protected] So if your Active Directory domain is ad.school.ad.uk you just add that on to the end of the user ID, saves having to look up the full CN. Thanks Paul On 16 Feb 2010, at 17:13, Marvin Addison wrote: > I see from your deployerConfigContext.xml that you're using the > FastBind handler with a DN of the form > sAMAcountName=%u,dc=domain,dc=ac,dc=uk. I'm fairly certain that AD > DNs don't look like that; on the contrary they are typically something > like CN=Administrator,OU=Users,dc=domain,dc=ac,dc=uk. You can > certainly authenticate users by sAMAccountName, but you'll likely have > to use the Bind handler, which performs the typical 2-phase LDAP > search-and-bind authentication. See > http://www.ja-sig.org/wiki/display/CASUM/LDAP for more information on > the different use cases of Bind and FastBind. > > Additionally, don't forget to remove > org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordA uthenticationHandler > from your list of authentication handlers before you go to production. > > M > > -- > You are currently subscribed to [email protected] as: [email protected] > To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user > This email and any attachments are confidential and intended solely for the use of the addressee and may contain information which is covered by legal, professional or other privilege. If you have received this email in error please notify the system manager at [email protected]. The University's computer systems may be monitored and communications carried on them recorded to secure the effective operation of the system and for other lawful purposes. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
