Very close, thanks. I ran the following yum commands to get things going:
To support DIGEST-MD5 auth:

    sudo yum install cyrus-sasl-md5

For testing LDAP access from command-line:

    sudo yum install openldap-clients

And optionally for HTTPS support (and generating certs and keys):

    sudo yum install mod_ssl openssl

This is for RedHat and CentOS, you may need different commands on other OS..

Cheers,
Geert

On 4/7/15, 10:40 PM, "Christopher Hamlin" <[email protected]> wrote:

>This?
>
>https://help.marklogic.com/Knowledgebase/Article/View/152/0/ldap-authentication-and-authorization
>
>On Tue, Apr 7, 2015 at 4:38 PM, Geert Josten <[email protected]> wrote:
>> Hi,
>>
>> Yes, I think you need to make sure a certain library is installed on the
>> MarkLogic host. I need to look it up though..
>>
>> Cheers,
>> Geert
>>
>> From: Sudheer Yalaverthi <[email protected]>
>> Reply-To: MarkLogic Developer Discussion <[email protected]>
>> Date: Tuesday, April 7, 2015 at 8:06 PM
>> To: MarkLogic Developer Discussion <[email protected]>
>> Subject: Re: [MarkLogic Dev General] LDAP integration with MarkLogic for
>> authentication - How to use bind user for authentication MarkLogic with LDAP
>> server
>>
>> Hi Geert,
>>
>> I have tried in the Qconsole with the xdmp:ldap-lookup function. I am
>> getting the below error.
>>
>> [1.0-ml] XDMP-LDAP: xdmp:ldap-lookup(REMOVED ACTUALTEXT HERE) -- LDAP Error:
>> ldap_sasl_interactive_bind_s err: Unknown authentication method (-6)
>>
>> Any thoughts? Also is there a way I can get more information in the error
>> log files? It looks like there are no trace events related to this.
>>
>> Sudheer
>>
>> From: [email protected]
>> [mailto:[email protected]] On Behalf Of Geert Josten
>> Sent: Tuesday, April 07, 2015 2:32 PM
>> To: MarkLogic Developer Discussion
>> Subject: Re: [MarkLogic Dev General] LDAP integration with MarkLogic for
>> authentication - How to use bind user for authentication MarkLogic with LDAP
>> server
>>
>> Hi Sudheer,
>>
>> If you set auth method to ldap, with internal security false, and external
>> security to the name of your external security config, then it will take the
>> ldap default user/password to authenticate itself against LDAP, and then
>> verify the user entered values. Make sure to provide a correct ldap base and
>> ldap attribute where the login name should be found. You can verify from
>> Qconsole with for instance http://docs.marklogic.com/xdmp:ldap-lookup
>>
>> Cheers,
>>
>> Geert
>>
>> From: Sudheer Yalaverthi <[email protected]>
>> Reply-To: MarkLogic Developer Discussion <[email protected]>
>> Date: Tuesday, April 7, 2015 at 7:11 PM
>> To: MarkLogic Developer Discussion <[email protected]>
>> Subject: [MarkLogic Dev General] LDAP integration with MarkLogic for
>> authentication - How to use bind user for authentication MarkLogic with LDAP
>> server
>>
>> Hi
>>
>> I am trying to use LDAP external authentication for one of my http servers.
>> Here is what I have tried.
>>
>> I created an external configuration object with LDAP for authentication and
>> authorization. I have provided the bind user in the configuration. In the
>> app server (http server), I have set the authentication to basic, internal
>> security to false, external security to the new configuration object I
>> created and default user to a user that exists on MarkLogic security
>> database.
>>
>> When I try to access the app server, I am prompted user login window and
>> when I try giving a user credentials that exist on LDAP, I am getting the
>> below error.
>>
>> 2015-04-07 18:40:38.259 Info: External authentication failed:cd1user1
>>
>> In my organization, LDAP bind user is required from any application to
>> authenticate first with LDAP server to access the LDAP server. But based on
>> the MarkLogic documentation bind user is used only when the authentication
>> is set to Kerberos and authorization to ldap. How do I tell MarkLogic to
>> use the bind user during authentication with LDAP so that MarkLogic server
>> gets authenticated with LDAP server and then searches the LDAP server for
>> the user I am trying to log in with?
>>
>> Thanks,
>>
>> Sudheer
>>
>> ---
>> This communication may contain confidential and/or privileged information.
>> If you are not the intended recipient (or have received this communication
>> in error) please notify the sender immediately and destroy this
>> communication. Any unauthorized copying, disclosure or distribution of the
>> material in this communication is strictly forbidden.
>>
>> Deutsche Bank does not render legal or tax advice, and the information
>> contained in this communication should not be regarded as such.
_______________________________________________
General mailing list
[email protected]
Manage your subscription at:
http://developer.marklogic.com/mailman/listinfo/general
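
A way to tell the two likely causes of the "Unknown authentication method (-6)" error in this thread apart, as an added example that is not part of the original messages: it checks whether the LDAP server advertises a SASL mechanism and whether the matching Cyrus SASL client plugin is present on the host. The plugin directory /usr/lib64/sasl2 (64-bit RedHat/CentOS), the host name in the comment, and the sample rootDSE data are assumptions.

```shell
#!/bin/sh
# Added example; function names, sample data and host name are constructed.

# Map a SASL mechanism to the file stem of its Cyrus SASL client plugin.
plugin_stem() {
    case "$1" in
        DIGEST-MD5) echo libdigestmd5 ;;   # shipped in cyrus-sasl-md5
        CRAM-MD5)   echo libcrammd5 ;;     # shipped in cyrus-sasl-md5
        GSSAPI)     echo libgssapiv2 ;;
        PLAIN)      echo libplain ;;
        *)          return 1 ;;
    esac
}

# True if the client plugin for mechanism $1 exists in directory $2.
plugin_installed() {
    stem=$(plugin_stem "$1") || return 1
    for f in "$2"/"$stem".so*; do
        [ -e "$f" ] && return 0
    done
    return 1
}

# True if the rootDSE LDIF on stdin advertises mechanism $1.
server_offers() {
    grep -qi "^supportedSASLMechanisms: $1\$"
}

# Usage: diagnose MECH PLUGIN_DIR < rootdse.ldif
diagnose() {
    if ! server_offers "$1"; then
        echo "server-does-not-offer"
    elif ! plugin_installed "$1" "$2"; then
        echo "client-plugin-missing"    # the case fixed by the yum install
    else
        echo "ok"
    fi
}

# Constructed rootDSE reply. Against a live server, pipe in instead:
#   ldapsearch -x -LLL -H ldap://ldap.example.com -s base -b "" supportedSASLMechanisms
SAMPLE_ROOTDSE='dn:
supportedSASLMechanisms: DIGEST-MD5
supportedSASLMechanisms: GSSAPI'

printf '%s\n' "$SAMPLE_ROOTDSE" |
    diagnose DIGEST-MD5 "${SASL_PLUGIN_DIR:-/usr/lib64/sasl2}"
```

Run it on the MarkLogic host itself, since the plugin has to be present where the LDAP client library is loaded.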
