I have been tasked with setting up DSpace in my environment and getting it working with LDAP for user authentication.
I've gone through every article on the site, tried every combination of settings in the authentication-ldap.cfg file and can't seem to get it to work. The only error I receive is: ldap_authentication:type=failed_auth javax.naming.AuthenticationException\colon; [LDAP\colon; error code 49 - 80090308\colon; LdapErr\colon; DSID-0C0903D9, comment\colon; AcceptSecurityContext error, data 52e, v2580 ] Running DSPACE 5 on Windows Server 2012 R2 Here are my settings: authentication-ldap.enable = true authentication-ldap.autoregister = true authentication-ldap.provider_url = ldap://ldap.domain.com:389 authentication-ldap.id_field = sAMAcoountName authentication-ldap.object_context = dc=domain,dc=com authentication-ldap.search_context = dc=domain,dc=com authentication-ldap.email_field = mail authentication-ldap.surname_field = sn authentication-ldap.givenname_field = givenName authentication-ldap.search_scope = 2 #authentication-ldap.search.anonymous = false authentication-ldap.search.user = cn=user,ou=someou,dc=domain,dc=com authentication-ldap.search.password = password I used an LDAP browsing tool from the server with the service account I am attempting to use for Dspace and was able to run queries with it against our AD server. I also used ldapsearch on a UNIX box and the specified credentials and that worked as well so I am fairly certain the issue is with Dspace. Domain users reside in multiple OUs that are one level down from the root for example, cn=user1,ou=Contractors,dc=domain,dc=com and so on for FTEs, vendors and other types of employees. -- You received this message because you are subscribed to the Google Groups "DSpace Technical Support" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/dspace-tech. For more options, visit https://groups.google.com/d/optout.
