Re: [Dspace-tech] Can't get LDAP to work in DSpace 1.5.1 - Please HELP!

Tue, 27 Oct 2009 03:27:06 -0700 

Sounds like you are using Windows Active Directory as your LDAP service.
 
It is quite normal in these circumstances for the passwords not to be
stored there.
 
I've got dspace working with Windows AD & here are the entries from my
dspace.cfg file:
 
1. It is very important to have a trailing / here:
 
ldap.provider_url = ldap://jmu.ac.uk:389/

2. For Windows AD you should have:
 
ldap.id_field = sAMAccountName

3. Soma LDAP servers don't allow anonymous binds:
 
ldap.search.user = [email protected] <mailto:[email protected]> 
ldap.search.password = changeme
 
As you've browsed using a free LDAP browser like JExplorer you should
know what these values should be for your site. This would also seem tio
rule out a Firewall issue.
 
Dave Wynne
Senior Technical Officer
School of Computing and Maths
Liverpool John Moores University
Byrom Street
Liverpool L2 2AF
E-Mail: [email protected]
Tel:0151-231-2108 


________________________________

        From: Thornton, Susan M. (LARC-B702)[RAYTHEON TECHNICAL SERVICES
COMPANY] [mailto:[email protected]] 
        Sent: 26 October 2009 13:37
        To: Mark H. Wood; [email protected]
        Subject: Re: [Dspace-tech] Can't get LDAP to work in DSpace
1.5.1 - Please HELP!
        
        

        We are getting error:

         

        32    LDAP_NO_SUCH_OBJECT     20    No such object    The
specified object does not exist in the directory.

         

        I put some displays in LDAPServlet.java and here is what I'm
getting when I try to enter my username (it's in a field called
"agencyUID"):

        2009-10-26 09:28:22,278 INFO
org.dspace.app.webui.servlet.LDAPServlet @
anonymous:session_id=567AE3ACFD839A70BE84ED443557B907:ip_addr=xxxxxxxxxx
:login:type=ldap,netid=suethorn

        2009-10-26 09:28:22,302 INFO
org.dspace.app.webui.servlet.LDAPServlet @
anonymous:session_id=567AE3ACFD839A70BE84ED443557B907:ip_addr=xxxxxxxxxx
:display:security_principal=ou=people,dc=nasa,dc=gov

        2009-10-26 09:28:22,311 INFO
org.dspace.app.webui.servlet.LDAPServlet @
anonymous:session_id=567AE3ACFD839A70BE84ED443557B907:ip_addr=xxxxxxxxxx
:login:type=ldap_search_context =ou=people,dc=nasa,dc=gov

        2009-10-26 09:28:22,311 WARN
org.dspace.app.webui.servlet.LDAPServlet @
anonymous:session_id=567AE3ACFD839A70BE84ED443557B907:ip_addr=xxxxxxxxxx
:ldap_authentication:type=failed_auth
javax.naming.AuthenticationException: [LDAP: error code 32 - No Such
Object]

         

         

        This is a critical project we should have had implemented weeks
ago...and we're at a loss so any help you can provide would really be
appreciated.  I've tried everything I know to try.  One last question -
should I be able to see where the password is stored thru the ldap
browser?  I don't see an actual password field there.

         

        Thanks,

        Sue

         

         

         

        -----Original Message-----
        From: Mark H. Wood [mailto:[email protected]] 
        Sent: Friday, October 23, 2009 12:14 PM
        To: [email protected]
        Subject: Re: [Dspace-tech] Can't get LDAP to work in DSpace
1.5.1 - Please HELP!

         

        Please tell us in what way it fails to work.  (Doesn't
authenticate;

        authenticates but doesn't auto-register; something else) What
errors

        might DSpace be logging when you try this?

         

        Hmmm, yes, if the DN is built using employeenumber and you tell
DSpace

        that the unique identifier is agencyUID, that could be a
problem.

        It's going to use agencyUID=someone to bind to the directory in
order

        to validate credentials, and that isn't the name of the object.
If

        you need to provide logon by agencyUID then you're going to need
to be

        able to tell the code to look up by one attribute but form the
binding

        DN using another, having looked up the object by the former and

        retrieved the latter.  I don't see that DSpace can do that yet.

         

        -- 

        Mark H. Wood, Lead System Programmer   [email protected]

        Friends don't let friends publish revisable-form documents.


------------------------------------------------------------------------------
Come build with us! The BlackBerry(R) Developer Conference in SF, CA
is the only developer event you need to attend this year. Jumpstart your
developing skills, take BlackBerry mobile applications to market and stay 
ahead of the curve. Join us from November 9 - 12, 2009. Register now!
http://p.sf.net/sfu/devconference
_______________________________________________
DSpace-tech mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/dspace-tech
  • Re: [D... Mark H. Wood
    • R... Thornton, Susan M. (LARC-B702)[RAYTHEON TECHNICAL SERVICES COMPANY]
      • ... Wynne, David
      • ... Mark H. Wood
        • ... Thornton, Susan M. (LARC-B702)[RAYTHEON TECHNICAL SERVICES COMPANY]
          • ... Stuart Lewis
            • ... Thornton, Susan M. (LARC-B702)[RAYTHEON TECHNICAL SERVICES COMPANY]

Reply via email to