Hello,
I have IS 5.0.0 running, with the shipped LDAP server and a secondary user
store configured to connect to our internal VDS server. Internally we have a
complex tree structure. I created an internal user role called
Internal/LocalAdmin and the "All Permissions" checkbox is selected for this
role. I searched for my internal LDAP user and assigned it to the
Internal/LocalAdmin role.
I added the "DomainName" property to the UserManager configuration of the
internal LDAP server and the secondary user store, but I don't think that it
does anything.
When I try to log in with one of the internal users, such as
"Sanofi\michael.eyre", I am seeing these log messages:
TID: [0] [IS] [2015-04-08 10:41:45,611] ERROR
{org.apache.directory.shared.ldap.codec.LdapMessageGrammar} - Incorrect DN
given : uid=sanofi\michael.eyre,ou=Users,dc=wso2,dc=org (0x75 0x69 0x64 0x3D
0x73 0x61 0x6E 0x6F 0x66 0x69 0x5C 0x6D 0x69 0x63 0x68 0x61 0x65 0x6C 0x2E 0x65
0x79 0x72 0x65 0x2C 0x6F 0x75 0x3D 0x55 0x73 0x65 0x72 0x73 0x2C 0x64 0x63 0x3D
0x77 0x73 0x6F 0x32 0x2C 0x64 0x63 0x3D 0x6F 0x72 0x67 ) is invalid :
unexpected token: m {org.apache.directory.shared.ldap.codec.LdapMessageGrammar}
TID: [0] [IS] [2015-04-08 10:41:45,611] ERROR
{org.apache.directory.shared.ldap.codec.LdapMessageGrammar} - Incorrect DN
given : uid=sanofi\michael.eyre,ou=Users,dc=wso2,dc=org (0x75 0x69 0x64 0x3D
0x73 0x61 0x6E 0x6F 0x66 0x69 0x5C 0x6D 0x69 0x63 0x68 0x61 0x65 0x6C 0x2E 0x65
0x79 0x72 0x65 0x2C 0x6F 0x75 0x3D 0x55 0x73 0x65 0x72 0x73 0x2C 0x64 0x63 0x3D
0x77 0x73 0x6F 0x32 0x2C 0x64 0x63 0x3D 0x6F 0x72 0x67 ) is invalid :
unexpected token: m {org.apache.directory.shared.ldap.codec.LdapMessageGrammar}
TID: [0] [IS] [2015-04-08 10:41:45,736] ERROR
{org.apache.directory.shared.ldap.codec.LdapMessageGrammar} - Invalid root DN
given : uid=sanofi\michael.eyre,ou=Users,dc=wso2,dc=org (0x75 0x69 0x64 0x3D
0x73 0x61 0x6E 0x6F 0x66 0x69 0x5C 0x6D 0x69 0x63 0x68 0x61 0x65 0x6C 0x2E 0x65
0x79 0x72 0x65 0x2C 0x6F 0x75 0x3D 0x55 0x73 0x65 0x72 0x73 0x2C 0x64 0x63 0x3D
0x77 0x73 0x6F 0x32 0x2C 0x64 0x63 0x3D 0x6F 0x72 0x67 ) is invalid :
unexpected token: m {org.apache.directory.shared.ldap.codec.LdapMessageGrammar}
TID: [0] [IS] [2015-04-08 10:41:45,736] ERROR
{org.apache.directory.shared.ldap.codec.LdapMessageGrammar} - Invalid root DN
given : uid=sanofi\michael.eyre,ou=Users,dc=wso2,dc=org (0x75 0x69 0x64 0x3D
0x73 0x61 0x6E 0x6F 0x66 0x69 0x5C 0x6D 0x69 0x63 0x68 0x61 0x65 0x6C 0x2E 0x65
0x79 0x72 0x65 0x2C 0x6F 0x75 0x3D 0x55 0x73 0x65 0x72 0x73 0x2C 0x64 0x63 0x3D
0x77 0x73 0x6F 0x32 0x2C 0x64 0x63 0x3D 0x6F 0x72 0x67 ) is invalid :
unexpected token: m {org.apache.directory.shared.ldap.codec.LdapMessageGrammar}
When you look at the log entries, it is searching "ou=Users,dc=wso2,dc=org",
not "dc=vds,dc=enterprise". The configuration for "ou=Users,dc=wso2,dc=org" is
in the user-mgt.xml file and the "dc=vds,dc=enterprise" is in the Sanofi.xml
file (secondary user store file).
After reading the documentation, I thought that if the user is not found in the
primary user store, it would search the secondary user store before failing.
It does not look like it is doing that. Is there some configuration that I am
missing?
Thanks for helping.
Michael Eyre
[email protected]
_______________________________________________
Dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/dev
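
Added example, not part of the original message and not WSO2 or ApacheDS code: a short Python check of the DN from the log entries against the RFC 4514 escape rules, showing why the parser stops at "m", with an escaping helper for comparison. The function names are hypothetical, and the second sample DN is constructed.

```python
# RFC 4514: inside a DN, a backslash must be followed by one of these
# characters or by two hex digits. Anything else is a syntax error.
SPECIALS = set('\\"+,;<> #=')
HEX = set("0123456789abcdefABCDEF")

# DN copied from the log entries in the message above.
LOG_DN = r"uid=sanofi\michael.eyre,ou=Users,dc=wso2,dc=org"


def first_bad_escape(dn):
    """Return (index, char) of the first invalid escape in dn, or None."""
    i = 0
    while i < len(dn):
        if dn[i] != "\\":
            i += 1
            continue
        nxt = dn[i + 1:i + 3]
        if nxt[:1] in SPECIALS:
            i += 2                      # escaped special character
        elif len(nxt) == 2 and nxt[0] in HEX and nxt[1] in HEX:
            i += 3                      # hex pair, e.g. \5C
        else:
            return (i, nxt[:1])         # e.g. "\m" -> unexpected token: m
    return None


def escape_rdn_value(value):
    """Escape an attribute value for use inside a DN (RFC 4514)."""
    out = []
    last = len(value) - 1
    for i, ch in enumerate(value):
        if ch in '\\"+,;<>' or (i == 0 and ch in " #") or (i == last and ch == " "):
            out.append("\\" + ch)
        elif ch == "\x00":
            out.append("\\00")
        else:
            out.append(ch)
    return "".join(out)


def build_user_dn(username, base="ou=Users,dc=wso2,dc=org"):
    """Build uid=<escaped username>,<base>. The result is syntactically valid,
    but it still names an entry under this base, not in another user store."""
    return "uid=" + escape_rdn_value(username) + "," + base


if __name__ == "__main__":
    print(first_bad_escape(LOG_DN))                  # invalid "\m" escape
    print(build_user_dn(r"sanofi\michael.eyre"))     # backslash doubled
```

A user name whose first two characters after the backslash happen to be hex digits (the constructed case `sanofi\ed.smith`) passes the syntax check because `\ed` reads as a hex pair, so the DN parses but names a different value than the one typed.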