Hi guys, I'm having a huge problem trying to make LDAP authentication work, 
as many of you also did. I've also tried the solutions proposed here, but 
nothing works for me. I'd really appreciate it if you could give me some hints 
that could help me solve this problem:

My 'authentication-ldap.cfg' is as follows:

authentication-ldap.enable = true
authentication-ldap.autoregister = false
authentication-ldap.provider_url = ldap://intranet.mpba.mp.br:389/
authentication-ldap.id_field = sAMAccountName
#authentication-ldap.object_context = ou=Funcionarios
authentication-ldap.search_context = OU=Funcionarios\,DC=intranet\,DC=mp\,DC=ba\,DC=gov\,DC=br
authentication-ldap.email_field = mail 
authentication-ldap.surname_field = sn
authentication-ldap.givenname_field = givenName
authentication-ldap.phone_field = telephoneNumber
#authentication-ldap.login.specialgroup = group-name
authentication-ldap.search_scope = 2
#authentication-ldap.search.anonymous = false
authentication-ldap.search.user = CN=sisd.dspace\,OU=Usuarios de sistema\,DC=intranet\,DC=mp\,DC=ba\,DC=gov\,DC=br
authentication-ldap.search.password = password
authentication-ldap.netid_email_domain = @mpba.mp.br
#authentication-ldap.login.groupmap.1 = ou=ldap-dept1:dspace-group1
#authentication-ldap.login.groupmap.2 = ou=ldap-dept2:dspace-groupA
#authentication-ldap.login.groupmap.3 = ou=ldap-dept3:dspace-groupA
#authentication-ldap.login.groupmap.attribute = group
#authentication-ldap.login.groupmap.1 = ldap-dept1:dspace-group1
#authentication-ldap.login.groupmap.2 = ldap-dept2:dspace-groupA
#authentication-ldap.login.groupmap.3 = ldap-dept3:dspace-groupA

# Enables support for StartTLS (default is false). If this flag is true be sure provider_url looks like:
# ldap://ldap.myu.edu:389
#authentication-ldap.starttls=true 

I have two authentication methods on and my 'authentication.cfg' is as 
follows:

plugin.sequence.org.dspace.authenticate.AuthenticationMethod = \ 
org.dspace.authenticate.PasswordAuthentication,\ 
org.dspace.authenticate.LDAPAuthentication

My problem is that DSpace is saying that my credentials are wrong, as you can 
see in the attached photo. I know it seems like I'm giving the wrong 
information (username and password), but I think something else is 
happening. Something really strange happens too: my 
'authentication-ldap.provider_url' attribute inside 
'authentication-ldap.cfg' seems to be partially commented (it's blue 
colored). So I don't know if it's really being taken into consideration. 
(It's because of '//')

Thanks in advance for helping me!!!

On Wednesday, July 12, 2017 at 17:55:43 UTC-3, Tim Cullings wrote:
>
> I have been tasked with setting up DSpace in my environment and getting it 
> working with LDAP for user authentication.  
>
> I've gone through every article on the site, tried every combination of 
> settings in the authentication-ldap.cfg file and can't seem to get it to 
> work.  The only error I receive is:
>
> ldap_authentication:type=failed_auth 
> javax.naming.AuthenticationException\colon; [LDAP\colon; error code 49 - 
> 80090308\colon; LdapErr\colon; DSID-0C0903D9, comment\colon; 
> AcceptSecurityContext error, data 52e, v2580 ]
>
> Running DSPACE 5 on Windows Server 2012 R2
>
> Here are my settings:
>
> authentication-ldap.enable = true
> authentication-ldap.autoregister = true
> authentication-ldap.provider_url = ldap://ldap.domain.com:389
> authentication-ldap.id_field = sAMAcoountName
> authentication-ldap.object_context = dc=domain,dc=com
> authentication-ldap.search_context = dc=domain,dc=com
> authentication-ldap.email_field = mail
> authentication-ldap.surname_field = sn
> authentication-ldap.givenname_field = givenName
> authentication-ldap.search_scope = 2
> #authentication-ldap.search.anonymous = false
> authentication-ldap.search.user = cn=user,ou=someou,dc=domain,dc=com
> authentication-ldap.search.password = password
>
> I used an LDAP browsing tool from the server with the service account I am 
> attempting to use for DSpace and was able to run queries with it against 
> our AD server.  I also used ldapsearch on a UNIX box with the specified 
> credentials and that worked as well, so I am fairly certain the issue is 
> with DSpace.  Domain users reside in multiple OUs that are one level down 
> from the root, for example cn=user1,ou=Contractors,dc=domain,dc=com and so 
> on for FTEs, vendors and other types of employees.
>
