Hi Robert, > Here are my LDAP-settings in dspace.cfg: > > ldap.enable = true > ldap.provider_url = ldap://our.ldap.uni-osnabrueck.de > ldap.id_field = uid > ldap.object_context = cn=people,dc=Uni-Osnabrueck,dc=de > ldap.search_context = ou=people > ldap.email_field = mail > ldap.surname_field = sn > ldap.givenname_field = givenName > ldap.phone_field = telephoneNumber > webui.ldap.autoregister = true > plugin.sequence.org.dspace.authenticate.AuthenticationMethod = \ > org.dspace.authenticate.LDAPAuthentication, \ > org.dspace.authenticate.PasswordAuthentication
Try setting ldap.search.context to be the same value as ldap.object.context. > I see two possibilities where things can go wrong, but I have no idea > how to make them right: > > 1. The DSpace documentation notes about 'ldap.object_context' that it is > "appended to the ldap.id_field and username". This looks to my that > DSpace builds the DN using id_field and object_context. Our LDAP > administrator says that in this caste the id_field would be 'cn' and the > users must login using their "Common Name" and not their uid. But even > when I try the 'cn'-value as login name, I get the same error (with the > 'cn'-value as 'netid'). If that is the case, use cn rather than uid. > 2. As far as I know it is necessary to query the LDAP-server an > access-login and -password is needed. But I could not find any place to > set these in DSpace. What happens is that the user who is logging in to DSpace provides their username and password. DSpace uses these to login (bind) to the LDAP service, and to extract their details to create the account. So you do not need to provide a separate username and password. (Some LDAP setups do require this if users are scattered across different branches of a tree. A username and password is required to find where the user is, and then the user's username and password are used to login as per normal). Try using an LDAP browser (e.g. http://www-unix.mcs.anl.gov/~gawor/ldap/download.html). Test your settings in this, and once they work, enter them into the DSpace configuration. The LDAP browser is a lot easier to use and diagnose connection problems with, than directly in DSpace. Good luck, Stuart _________________________________________________________________ Gwasanaethau Gwybodaeth Information Services Prifysgol Aberystwyth Aberystwyth University E-bost / E-mail: [EMAIL PROTECTED] Ffon / Tel: (01970) 622860 _________________________________________________________________ ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ DSpace-tech mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/dspace-tech
