Hello. I want to connect the repository server through Windows Active Directory, but Registering Authority Connection was not working. Please tell me if you know something.
1) AuthorityConnection error occurs when registering. Connection status was not "Connection Working". At Crawler UI,I specify domain controllers --Windows2008R2 (VM), and save button. Connection status: Threw exception: 'Authentication problem authenticating admin user' ad...@mcf.org ': [LDAP: error code 49 - 8009030C: LdapErr: DSID-0C0904D0, comment: AcceptSecurityContext error, data 52e, v1db0]' "data 52e" is likely to be invalid credentials error. http://www.coderanch.com/t/490367/Security/javax-naming-AuthenticationException-LDAP-error Next, At Crawler UI,I specify domain controllers --Windows2003 (VM), and save button. Connection status: Threw exception: 'Authentication problem authenticating admin user' ad...@mcf.org ': [LDAP: error code 49 - 8009030C: LdapErr: DSID-0C09043E, comment: AcceptSecurityContext error, data 0, vece]' The result code seems to be different (data 52e/data 0) by OS. 2) My environment. I set the same configuration for both OS. Domain Controller: 192.168.11.12 User: ad...@mcf.org Password: P@ssw0rd In Active Directory, Domain is "mcf.org". "Admin"(username) belongs to the Administrators group,and "user1" belongs to the Users group. And I prepared the repository server (WindowsXP).This server belongs to "mcf.org". On the repository server, Admin and user1 can allow to access shared folders. 3)I tried to test for connection. The user tried the following pattern. But the connection failed. 1.ad...@mcf.org 2.mcf.org \ \ Admin 3.mcf \ Admin Password tried the following pattern. But the connection failed. 1.P@ssw0rd 2.P@ssw0rd convert by the URL encoding. P%40ssw0rd 3.MD5-s "P@ssw0rd" convert to set the hash value. Please tell me how to correct registration. (By the way, even in ManifoldCFinAction, on screen image it failed to connect.) 4) I checked the Security Event Log of Windows. Event Log said that the user failed to login (unspecified). On the other hand, When I use LDAPSEARCH(free software tool), I successfully login. http://www.brothersoft.com/ldapsearch-255199.html Comparing between LDAPSEARCH and MCF, authentication process / package seems to be different. In Event Log, MCF(login failed) process / package is "WDIGEST" / "Wdigest". LDAPSEARCH(can login) process / packages is "Advapi" / "Negotiate". ActiveDirectoryAuthority.getSession () set Context.SECURITY_AUTHENTICATION. the SECURITY_AUTHENTICATION defines not "simple" but "DIGEST-MD5 GSSAPI". Does it have any reason? I guess there are any problems in this area. I think it is a difficult problem, but I want to determine whether by my environment or by MCF. Please tell me if you have any ideas, points to be checked. Thank you. Regards, Shinichiro Abe
