Hi Olli, I just want to double check that you also built the matterhorn-userdirectory-ldap module when you deployed your server. You can check that it is installed by going to:
http://hostname:8080/system/console/bundles Searching for matterhorn-userdirectory-ldap and making sure that it is marked as active. If it is missing you will need to go to your Matterhorn source directory and run: mvn clean install -DdeployTo=/opt/matterhorn/felix/matterhorn -Pdirectory-ldap For each of your servers and restart the Matterhorn service. Cheers, Adam -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Christopher Brooks Sent: Tuesday, September 06, 2011 11:06 AM To: [email protected]; Hansen, Collene Subject: Re: [Opencast Matterhorn] Ldap installation problem Hi Olli, Here are the directions our ldap integration person, Collene Hansen, (on cc) gave me: They need to make a few changes, from what I can tell from the config they provided: -In /opt/matterhorn/felix/conf/system.properties, make sure the following line is uncommented: org.osgi.framework.system.packages.extra=com.sun.jndi.ldap,com.sun.net.ssl.internal.ssl -In /opt/matterhorn/felix/conf/config.properties, make sure the following line is uncommented: org.osgi.framework.system.packages.extra=com.sun.jndi.ldap,com.sun.net.ssl.internal.ssl -In /opt/matterhorn/felix/conf/factories/org.opencastproject.userdirectory.ldap.LdapUserProvider.properties: It looks like they haven't added the userDn and password to the list of keys. They should change their keys property to the following: keys=org.opencastproject.userdirectory.ldap.url,org.opencastproject.userdirectory.ldap.searchbase,\ org.opencastproject.userdirectory.ldap.searchfilter,org.opencastproject.userdirectory.ldap.cache.size,\ org.opencastproject.userdirectory.ldap.cache.expiration,org.opencastproject.userdirectory.ldap.roleattributes,\ org.opencastproject.userdirectory.ldap.org,org.opencastproject.userdirectory.ldap.userDn,\ org.opencastproject.userdirectory.ldap.password Chris On Tue, 06 Sep 2011 13:21:39 +0300 Olli Salo <[email protected]> wrote: > > Hi all you Matterhorn gurus! > > We're currently trying to integrate our Matterhorn 1.2 setup to our > LDAP. So far we've been successful in setting the ldapuserprovider > settings in > > /opt/matterhorn/felix/conf/factories/ > org.opencastproject.userdirectory.ldap.LdapUserProvider.properties > > -file, where we've set ldap server urls for ssl-enabled ldaps > connections etc. However, according to our ldap sysadmin, our > Matterhorn server is unable to make a proper bind to the ldap server. > Our Matterhorn server queries the ldap server with username, but it > doesn't try to authenticate with a password. > > We have tried to follow e.g. the instructions in the following thread > > http://opencast.3480289.n2.nabble.com/JIRA-Studio-Commented-MH-7805-En > able-authenticated-LDAP-searches-in-LDAPUserProvider-td6472140.html > > but we're stuck as we don't know whether we should also modify e.g. > > /opt/matterhorn/felix/conf/config.properties and if we should, how? > Thus, we'd really appreciate any insight on how you have managed to > join your MH installations to your ldap and make user authentication > + ldap group role retrieval work. > > Yours, Olli Salo > > PS: our ldapuserprovider config is shown under the signature > -- Christopher Brooks, BSc, MSc ARIES Laboratory, University of Saskatchewan Web: http://www.cs.usask.ca/~cab938 Phone: 1.306.966.1442 Mail: Advanced Research in Intelligent Educational Systems Laboratory Department of Computer Science University of Saskatchewan 176 Thorvaldson Building 110 Science Place Saskatoon, SK S7N 5C9 _______________________________________________ Matterhorn mailing list [email protected] http://lists.opencastproject.org/mailman/listinfo/matterhorn To unsubscribe please email [email protected] _______________________________________________ _______________________________________________ Matterhorn mailing list [email protected] http://lists.opencastproject.org/mailman/listinfo/matterhorn To unsubscribe please email [email protected] _______________________________________________
