You can edit the AD schema and tell attributes to show in the global catalog or 
tell it to ignore the referrals ( which all AD servers issue ). See the 
ignorePartialResultException below.

<bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler"
                                 p:filter="samaccountname=%u"
                                 p:searchBase="dc=xx,dc=xx,dc=xx"
                                 p:contextSource-ref="contextSource"
                                 p:ignorePartialResultException="true"

From: Jason Everling [mailto:[email protected]] 
Sent: Friday, June 05, 2015 2:31 PM
To: [email protected]
Subject: Re:[cas-user] Help with Attributes

This is so wierd!

If I use the Global Catalog I can use the root domain but NO attributes are 
passed! If I specify an actual OU container and use the standard ldaps port, 
attributes ARE passed. I cannot use specific containers though since we have 
users all over throughout our domain,

How can I fix this?

Jason



On Fri, Jun 5, 2015 at 10:25 AM, Jason Everling <[email protected]> wrote:
I actually got it working now but I have a small issue

If I put our root DN for the baseDN instead of an OU where some accounts are it 
errors out,

Unprocessed Continuation Reference(s); nested exception is 
javax.naming.PartialResultException: Unprocessed Continuation Reference(s); 
remaining name 'dc=test,dc=com'

How can I add the our base dc domain? Users are scattered all out and not 1 
specific OU

JASON

On Fri, Jun 5, 2015 at 9:33 AM, Jason Everling <[email protected]> wrote:
We have been using CAS 3.5.3 for sometime now and have never needed the 
attributes. I now need to deploy an application that is restricted by an 
attribute value.

I added the required items to deployerConifg but the attributes never get 
queried, I don't see any mention in the logs for an attempt.

I also checked through forums and my configs look the same so I am stuck.

Please help! I have attached debug logs and deployerConfig

Jason





CONFIDENTIALITY NOTICE:
This e-mail together with any attachments is proprietary and confidential; 
intended for only the recipient(s) named above and may contain information that 
is privileged. You should not retain, copy or use this e-mail or any 
attachments for any purpose, or disclose all or any part of the contents to any 
person. Any views or opinions expressed in this e-mail are those of the author 
and do not represent those of the Baptist School of Health Professions. If you 
have received this e-mail in error, or are not the named recipient(s), you are 
hereby notified that any review, dissemination, distribution or copying of this 
communication is prohibited by the sender and to do so might constitute a 
violation of the Electronic Communications Privacy Act, 18 U.S.C. section 
2510-2521. Please immediately notify the sender and delete this e-mail and any 
attachments from your computer. 

-- 
You are currently subscribed to [email protected] as: 
[email protected]
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

-- 
You are currently subscribed to [email protected] as: 
[email protected]
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

Reply via email to