Re: lookupUserFromDN to Active Directory fails after 405 upgrade

[Thomas Draier]

do you mean that you still have the same error, but only when accessing  
group members ? you were getting the exact same exception when listing  
all users without the patch ? that is quite strange, as the same  
context is used for all methods in the JahiaUserManagerLDAPProvider ..?  
i don't really know how active directory organize its data - do you  
have any idea of the referrals configuration on your ad server ? it  
looks like jndi cannot follow a reference on another server because of  
an authentication issue. maybe you can try to change your credentials  
as explained in  
http://www-10.lotus.com/ldd/lsforum.nsf/0/ 
cd28ce081e3ebc5685256e5c005ce15c?OpenDocument . also i don't know why  
it was working on jahia 4.0.4 - many changes have been made on the  
group members resolution, but not really on the global user/group  
search . if this is the only solution i believe you can use the 4.0.4  
classes for both providers.
thomas

Le 25 janv. 05, � 10:43, Pascal a �crit :
Thx Thomas!
After patching the JahiaUserManagerLDAPProvider (tagged with  
JAHIA_4_0_5 in the CVS) and adding "users.ldap.refferal = follow" to  
the users.ldap.properties I was able to lookup users in Active  
Directory from the Jahia Administration panels.

There's still one minor issue when looking up groups that didn't occur  
to me until now: the Active Directory groups appear, but the lookup of  
users for each group (so that the user list can be displayed between  
brackets after each group name) fails with a similar error (see stack  
trace below). Adding the "groups.ldap.refferal = follow" to the  
groups.ldap.properties and restarting Jahia does not help.

For what it's worth: did I mention user- and group-lookup for Active  
Directory were OK in version 4.0.4?

thx again for your time
pascal
2005-01-25 10:05:33,004 WARN usermanager.JahiaUserManagerLDAPProvider  
lookupUserFromDN - JNDI warning
javax.naming.PartialResultException. Root exception is
javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308:  
LdapErr: DSID-0C09030B, comment: AcceptSecurityContext error, data  
52e, v893
at  
com.sun.jndi.ldap.LdapReferralContext.<init>(LdapReferralContext.java: 
90)
at  
com.sun.jndi.ldap.LdapReferralException.getReferralContext(LdapReferral 
Exception.java:148)
at  
com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreReferrals(LdapNamingEnum 
eration.java:350)
at  
com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreImpl(LdapNamingEnumerati 
on.java:223)
at  
com.sun.jndi.ldap.LdapNamingEnumeration.hasMore(LdapNamingEnumeration.j 
ava:186)
at  
org.jahia.services.usermanager.JahiaUserManagerLDAPProvider.lookupUserF 
romDN(JahiaUserManagerLDAPProvider.java:900)
at  
org.jahia.services.usermanager.JahiaGroupManagerLDAPProvider.getGroupMe 
mbers(JahiaGroupManagerLDAPProvider.java:1327)
at  
org.jahia.services.usermanager.JahiaGroupManagerLDAPProvider.ldapToJahi 
aGroup(JahiaGroupManagerLDAPProvider.java:1008)
at  
org.jahia.services.usermanager.JahiaGroupManagerLDAPProvider.searchGrou 
ps(JahiaGroupManagerLDAPProvider.java:636)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at  
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.ja 
va:79)
at  
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccesso 
rImpl.java(Compiled Code))
at java.lang.reflect.Method.invoke(Method.java(Compiled Code))
at  
org.jahia.services.usermanager.JahiaGroupManagerRoutingService.routeCal 
l(JahiaGroupManagerRoutingService.java(Compiled Code))
at  
org.jahia.services.usermanager.JahiaGroupManagerRoutingService.searchGr 
oups(JahiaGroupManagerRoutingService.java:762)
at  
org.jahia.data.viewhelper.principal.PrincipalViewHelper.getGroupSearchR 
esult(PrincipalViewHelper.java:385)
at  
org.jahia.admin.users.ManageGroups.displayGroupList(ManageGroups.java: 
255)
at  
org.jahia.admin.users.ManageGroups.userRequestDispatcher(ManageGroups.j 
ava:144)
at org.jahia.admin.users.ManageGroups.<init>(ManageGroups.java:121)
at  
org.jahia.bin.JahiaAdministration.userRequestDispatcher(JahiaAdministra 
tion.java:388)
at  
org.jahia.bin.JahiaAdministration.service(JahiaAdministration.java: 
245)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
and also

2005-01-25 10:05:33,064 WARN usermanager.JahiaUserManagerLDAPProvider  
lookupUserFromDN - JNDI warning
javax.naming.NoInitialContextException: Need to specify class name in  
environment or system property, or as an applet parameter, or in an  
application resource file: java.naming.factory.initial
at  
javax.naming.spi.NamingManager.getInitialContext(NamingManager.java: 
652)
at  
javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:256)
at  
javax.naming.InitialContext.getURLOrDefaultInitCtx(InitialContext.java: 
293)
at  
javax.naming.directory.InitialDirContext.getURLOrDefaultInitDirCtx(Init 
ialDirContext.java:98)
at  
javax.naming.directory.InitialDirContext.search(InitialDirContext.java: 
251)
at  
org.jahia.services.usermanager.JahiaUserManagerLDAPProvider.getUsers(Ja 
hiaUserManagerLDAPProvider.java:1492)
at  
org.jahia.services.usermanager.JahiaUserManagerLDAPProvider.lookupUserF 
romDN(JahiaUserManagerLDAPProvider.java:898)
at  
org.jahia.services.usermanager.JahiaGroupManagerLDAPProvider.getGroupMe 
mbers(JahiaGroupManagerLDAPProvider.java:1327)
at  
org.jahia.services.usermanager.JahiaGroupManagerLDAPProvider.ldapToJahi 
aGroup(JahiaGroupManagerLDAPProvider.java:1008)
at  
org.jahia.services.usermanager.JahiaGroupManagerLDAPProvider.searchGrou 
ps(JahiaGroupManagerLDAPProvider.java:636)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at  
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.ja 
va:79)
at  
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccesso 
rImpl.java(Compiled Code))
at java.lang.reflect.Method.invoke(Method.java(Compiled Code))
at  
org.jahia.services.usermanager.JahiaGroupManagerRoutingService.routeCal 
l(JahiaGroupManagerRoutingService.java(Compiled Code))
at  
org.jahia.services.usermanager.JahiaGroupManagerRoutingService.searchGr 
oups(JahiaGroupManagerRoutingService.java:762)
at  
org.jahia.data.viewhelper.principal.PrincipalViewHelper.getGroupSearchR 
esult(PrincipalViewHelper.java:385)
at  
org.jahia.admin.users.ManageGroups.displayGroupList(ManageGroups.java: 
255)
at  
org.jahia.admin.users.ManageGroups.userRequestDispatcher(ManageGroups.j 
ava:144)
at org.jahia.admin.users.ManageGroups.<init>(ManageGroups.java:121)
at  
org.jahia.bin.JahiaAdministration.userRequestDispatcher(JahiaAdministra 
tion.java:388)
at  
org.jahia.bin.JahiaAdministration.service(JahiaAdministration.java: 
245)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)

----- Original Message ----- From: "Thomas Draier"  
<[EMAIL PROTECTED]>
To: <dev_list@jahia.org>
Sent: Monday, January 24, 2005 7:06 PM
Subject: Re: lookupUserFromDN to Active Directory fails after 405  
upgrade


hi pascal,
i've made the change on the JAHIA-4-0-BRANCH and created a patch for
this version, but you can also apply it on the JAHIA_4_0_5. strangely
the patch is already applied on JahiaGroupManagerLDAPProvider - you
only need to change JahiaUserManagerLDAPProvider. then try to set the
parameter users.ldap.refferal to "follow" instead of the default
"ignore" in your property file.
thomas




Le 24 janv. 05, � 18:43, Pascal a �crit :
I'll try that, but could you point me to the correct version of the
sourcefiles I should start with when applying the suggested fix?
I'm guessing these are the right versions, but I'm not sure
http://cvspub.jahia.org/cgi-bin/cvsweb.cgi/jahia/src/java/org/jahia/
services/usermanager/Attic/JahiaGroupManagerLDAPProvider.java?
only_with_tag=JAHIA_4_0_5
http://cvspub.jahia.org/cgi-bin/cvsweb.cgi/jahia/src/java/org/jahia/
services/usermanager/Attic/JahiaUserManagerLDAPProvider.java?
only_with_tag=JAHIA_4_0_5
tia
pascal
----- Original Message ----- From: "Thomas Draier"
<[EMAIL PROTECTED]>
To: <dev_list@jahia.org>
Sent: Monday, January 24, 2005 3:29 PM
Subject: Re: lookupUserFromDN to Active Directory fails after 405
upgrade
hi,
this may be related to a referral server problem, as described in
http://www.mail-archive.com/dev_list@jahia.org/msg00235.html . a patch
was provided at that time, but it think it's not in 4.0.5, only in the
cvs head - you can try to add the parameter described by anton in the
connectToPublicDir method . but the complete stack trace would be
useful for a better understanding of the problem.
thomas
Le 24 janv. 05, � 14:40, Pascal a �crit :
Both in the administration and in the user rights panels for
containers, looking up users in Active Directory yields the following
 errors.
Lookup of Active Directory groups works and login to the site with an
Active Directory user is no problem. The new settings in
group-router-config.xml and router-config.xml appear to be configured
correctly, including the
<factory>com.sun.jndi.ldap.LdapCtxFactory</factory> setting to which
the problem seems related.
usermanager.JahiaUserManagerLDAPProvider lookupUserFromDN - JNDI
warning
javax.naming.PartialResultException. Root exception is
javax.naming.AuthenticationException: [LDAP: error code 49 -
80090308: LdapErr: DSID-0C09030B, comment: AcceptSecurityContext
error, data  52e, v893
<snip>
WARN usermanager.JahiaUserManagerLDAPProvider lookupUserFromDN - JNDI
warning
javax.naming.NoInitialContextException: Need to specify class name in
environment or system property, or as an applet parameter, or in an
application resource file: java.naming.factory.initial
at
javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:
652)
Any help is appreciated
pascal