Hi Danny,
I have faced a similar situation in Linux environment. My environment was missing cyrus-sasl-md5. After I installed it and restarted my MarkLogic instance, it worked. sudo yum install cyrus-sasl-md5 You might need a similar one for your windows server as well to work with MD5 but not sure what you need to install on windows. I haven't tried xdmp:ldap-lookup() but I tried xdmp:ldap-search() earlier. This one does not use the external config object I believe. But this function also did not work for me until I installed the MD5. Hope this helps. Thanks, Sudheer From: [email protected] [mailto:[email protected]] On Behalf Of Danny Sinang Sent: Wednesday, July 29, 2015 11:31 AM To: general Subject: [MarkLogic Dev General] External Authentication Failed I'm running ML 8.0-3 on Windows Server 2012 and I've created an External Security configuration to authenticate an ML app against Active Directory. Its settings go like this : external security name : dom1 ldap server url : ldap://dom1.company.com:389<http://dom1.company.com:389> authentication : ldap authorization : ldap ldap base : ou=UserAccounts,dc=dom1,dc=company,dc=com ldap attribute : sAMAccountName ldap default user : cn=aduser,ou=ServiceAccounts,ou=UserAccounts,dc=dom1,dc=company,dc=com ldap bind method : MD5 And then I configured the ML app to have these settings : [Inline image 1] The app prompts me for my username and password, but authentication always fails and I get this error message : 2015-07-29 11:26:56.266 Debug: LDAP user dsinang not found in login cache 2015-07-29 11:26:56.282 Debug: LDAPClient: XDMP-LDAP: LDAP Error: ldap_bind_s: Invalid Credentials (49) 2015-07-29 11:26:56.282 Debug: HTTPServer externalAuthenticate with ldap for dsinang failed 2015-07-29 11:26:56.282 Info: External authentication failed:dsinang What could I be missing and how do I test the External Security Config settings ? Also, does the xdmp:ldap-lookup() function rely on the above settings ? Regards, Danny --- This communication may contain confidential and/or privileged information. If you are not the intended recipient (or have received this communication in error) please notify the sender immediately and destroy this communication. Any unauthorized copying, disclosure or distribution of the material in this communication is strictly forbidden. Deutsche Bank does not render legal or tax advice, and the information contained in this communication should not be regarded as such.
_______________________________________________ General mailing list [email protected] Manage your subscription at: http://developer.marklogic.com/mailman/listinfo/general
