Re: [lsc-users] SSL over LDAP issue

Wed, 02 Nov 2011 05:01:15 -0700 

Hi Brian,

Can you setup the DEBUG level and pastebin the exception ?

Regards,

-- 
Sebastien BAHLOUL
IAM / Security specialist
Ldap Synchronization Connector : http://lsc-project.org
Blog : http://sbahloul.wordpress.com/



2011/11/2 Rohler, Brian L <[email protected]>

> I've have followed the instructions at
> http://lsc-project.org/wiki/documentation/1.2/howtos/ssltls but I still
> can't get a connection to AD.
>
> Nov 01 16:06:08 - INFO  - Starting sync for user
> Nov 01 16:06:08 - INFO  - Connecting to LDAP server
> ldap://localhost/DC=example,DC=org as cn=search,dc=example,dc=org
> Nov 01 16:06:09 - INFO  - Connecting to LDAP server ldaps://
> server.example.org/DC=example,DC=local as
> CN=administrator,CN=Users,DC=example,DC=local
> Nov 01 16:06:09 - ERROR - Error opening the LDAP connection to the
> destination!
>
> What else am I doing wrong? Connection to port 389 works great. The
> firewall has port 389 and 636 open on inbound connections.
>
>
> #########################################################################################
> # Destination Server Configuration for Active Directory
>
> #########################################################################################
> # This section is mandatory since all synchronizations currently go to an
> LDAP directory.
> # Connection URL. This must include a valid LDAP context.
> dst.java.naming.provider.url = ldaps://
> server.example.org/DC=example,DC=local
> dst.java.naming.security.authentication = simple
> dst.java.naming.tls = true
> dst.java.naming.security.principal =
> CN=administrator,CN=Users,DC=example,DC=local
> dst.java.naming.security.credentials = secret
> dst.java.naming.referral = ignore
> dst.java.naming.ldap.derefAliases = never
> dst.java.naming.ldap.pageSize=1000
> dst.java.naming.ldap.sortedBy=sAMAccountName
> dst.java.naming.factory.initial = com.sun.jndi.ldap.LdapCtxFactory
> dst.java.naming.ldap.version = 3
>
>
>
> _______________________________________________________________
> Ldap Synchronization Connector (LSC) - http://lsc-project.org
>
> lsc-users mailing list
> [email protected]
> http://lists.lsc-project.org/listinfo/lsc-users
>
>

_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org

lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users

Reply via email to