> I'm not > getting the attributes mapped in the resultAttributeMapping.
I see you're searching at the directory root, which in AD generally contains _many_ referrals. This is a complicated situation for which most LDAP components do not have an optimal solution. The core problem is that there is no defined ordering by the Java JNDI provider of "real" results and referrals such that if your result set happens to have referrals before meaningful results, you will lose them all since the JNDI provider throws ReferralException on the _first_ referral. A good technical reference for your options is http://code.google.com/p/vt-middleware/wiki/vtldapAD, even if it's not specific to spring-ldap, person-directory, or CAS. Based on my experience with AD issues in CAS, the best option would be to set the JNDI environment property java.naming.referral to "throw", http://java.sun.com/products/jndi/tutorial/ldap/referral/jndi.html, which will force ordering of normal results _before_ referrals and throw com.sun.jndi.ldap.LdapReferralException on the first referral encountered. Sadly, none of the LDAP components in CAS supports this usage. Your best bet, then, at present is to attempt to formulate a query or queries that will search at higher levels of the directory where referrals are unlikely. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
