This? https://help.marklogic.com/Knowledgebase/Article/View/152/0/ldap-authentication-and-authorization
On Tue, Apr 7, 2015 at 4:38 PM, Geert Josten <[email protected]> wrote: > Hi, > > Yes, I think you need to make sure a certain library is installed on the > MarkLogic host. I need to look it up though.. > > Cheers, > Geert > > From: Sudheer Yalaverthi <[email protected]> > Reply-To: MarkLogic Developer Discussion <[email protected]> > Date: Tuesday, April 7, 2015 at 8:06 PM > To: MarkLogic Developer Discussion <[email protected]> > Subject: Re: [MarkLogic Dev General] LDAP integration with MarkLogic for > authentication - How to use bind user for authentication MarkLogic with LDAP > server > > Hi Geert, > > > > I have tried in the Qconsole with the xdmp:ldap-lookup function. I am > getting the below error. > > > > [1.0-ml] XDMP-LDAP: xdmp:ldap-lookup(REMOVED ACTUALTEXT HERE) -- LDAP Error: > ldap_sasl_interactive_bind_s err: Unknown authentication method (-6) > > > > > > Any thoughts? Also is there a way I can get more information in the error > log files? It looks like there are no trace events related to this. > > > > > > > > Sudheer > > > > From: [email protected] > [mailto:[email protected]] On Behalf Of Geert Josten > Sent: Tuesday, April 07, 2015 2:32 PM > To: MarkLogic Developer Discussion > Subject: Re: [MarkLogic Dev General] LDAP integration with MarkLogic for > authentication - How to use bind user for authentication MarkLogic with LDAP > server > > > > Hi Sudheer, > > > > If you set auth method to ldap, with internal security false, and external > security to the name of you external security config, then it will take the > ldap default user/password to authenticate itself against LDAP, and then > verify the user entered values. Make sure to provide a correct ldap base and > ldap attribute where the login name should be found. You can verify from > Qconsole with for instance http://docs.marklogic.com/xdmp:ldap-lookup > > > > Cheers, > > Geert > > > > From: Sudheer Yalaverthi <[email protected]> > Reply-To: MarkLogic Developer Discussion <[email protected]> > Date: Tuesday, April 7, 2015 at 7:11 PM > To: MarkLogic Developer Discussion <[email protected]> > Subject: [MarkLogic Dev General] LDAP integration with MarkLogic for > authentication - How to use bind user for authentication MarkLogic with LDAP > server > > > > Hi > > > > > > I am trying to use LDAP external authentication for one of my http servers. > Here is what I have tried. > > > > I created an external configuration object with LDAP for authentication and > authorization. I have provided the bind user in the configuration. In the > app server (http server), I have set the authentication to basic, internal > security to false, external security to the new configuration object I > created and default user to a user that exists on MarkLogic security > database. > > > > When I try to access the app server, I am prompted user login window and > when I try giving a user credentials that exist on LDAP, I am getting the > below error. > > > > > > 2015-04-07 18:40:38.259 Info: External authentication failed:cd1user1 > > > > > > In my organization, LDAP bind user is required from any application to > authenticate first with LDAP server to access the LDAP server. But based on > the MarkLogic documentation bind user is used only when the authentication > is set to Kerberos and authorization to ldap. How do I tell MarkLogic to > use the bind user during authentication with LDAP so that MarkLogic server > gets authenticated with LDAP server and then searches the LDAP server for > the user I am trying to log in with? > > > > > > > > Thanks, > > Sudheer > > > > > > --- > This communication may contain confidential and/or privileged information. > If you are not the intended recipient (or have received this communication > in error) please notify the sender immediately and destroy this > communication. Any unauthorized copying, disclosure or distribution of the > material in this communication is strictly forbidden. > > Deutsche Bank does not render legal or tax advice, and the information > contained in this communication should not be regarded as such. > > > > --- > This communication may contain confidential and/or privileged information. > If you are not the intended recipient (or have received this communication > in error) please notify the sender immediately and destroy this > communication. Any unauthorized copying, disclosure or distribution of the > material in this communication is strictly forbidden. > > Deutsche Bank does not render legal or tax advice, and the information > contained in this communication should not be regarded as such. > > _______________________________________________ > General mailing list > [email protected] > Manage your subscription at: > http://developer.marklogic.com/mailman/listinfo/general > _______________________________________________ General mailing list [email protected] Manage your subscription at: http://developer.marklogic.com/mailman/listinfo/general
