RE: problem with LDAP (3.2.2)
It’s working now, here my config file for those interessted.
ldap_conn_host=ldapint1.fadq.qc
ldap_conn_port=389
ldap_conn_secure=false
ldap_admin_dn=cn=ldapproxy,OU=Comptes de service,OU=Administration,DC=fadq,DC=qc
ldap_passwd=***
ldap_search_base=OU=Utilisateurs,DC=fadq,DC=qc
ldap_search_query=(userPrincipalName=%s)
ldap_search_scope=SUBTREE
ldap_auth_type=SEARCHANDBIND
ldap_userdn_format=uid=%s,OU=Utilisateurs,DC=fadq,DC=qc
ldap_provisionning=AUTOCREATE
ldap_deref_mode=always
ldap_use_admin_to_get_attrs=true
ldap_sync_password_to_om=false
ldap_group_mode=NONE
ldap_group_query=(&(memberUid=%s)(objectClass=posixGroup))
ldap_user_attr_login=userPrincipalName
ldap_user_attr_lastname=sn
ldap_user_attr_firstname=givenName
ldap_user_attr_mail=mail
ldap_user_attr_street=streetAddress
ldap_user_attr_additionalname=description
ldap_user_attr_fax=facsimileTelephoneNumber
ldap_user_attr_zip=postalCode
ldap_user_attr_country=co
ldap_user_attr_town=l
ldap_user_attr_phone=telephoneNumber
ldap_group_attr=memberOf
ldap_use_lower_case=false
ldap_import_query=(objectClass=inetOrgPerson)
De : Maxim Solodovnik [mailto:solomax...@gmail.com]
Envoyé : 3 mai 2017 09:36
À : Openmeetings user-list
Objet : Re: problem with LDAP (3.2.2)
I doubt
ldap_search_query=userPrincipalName
is a valid search query for LDAP
I can recommend you to set up LDAPExplorer and test all these parameters
On Wed, May 3, 2017 at 8:33 PM, Chamberland, Martin
mailto:martin.chamberl...@fadq.qc.ca>> wrote:
I change for : ldap_userdn_format=uid=%s,OU=Utilisateurs,DC=fadq,DC=qc
Error message is now different.
ERROR 05-03 09:31:12.920 o.a.o.c.l.LdapLoginManagement:262
[http-nio-0.0.0.0-5080-exec-6] - Unexpected exception.
org.apache.directory.api.ldap.model.exception.LdapProtocolErrorException: The
filter userPrincipalName is invalid.
Caused by: java.text.ParseException: ERR_04155 No '(' at the beginning of the
filter
Anyone can provide me a exemple file ?
De : Maxim Solodovnik [mailto:solomax...@gmail.com<mailto:solomax...@gmail.com>]
Envoyé : 3 mai 2017 09:29
À : Openmeetings user-list
Objet : Re: problem with LDAP (3.2.2)
I guess no-one can login to your LDAP using following DN:
ldap_userdn_format=uid=%s,OU=Company,DC=medint,DC=local
%s will be changed with user provided login
Are you sure you need "SIMPLEBIND"?
In this mode DN is constructed using pattern provided
Maybe you need SEARCHANDBIND so user will be searched using your admin DN and
search base?
On Wed, May 3, 2017 at 8:18 PM, Chamberland, Martin
mailto:martin.chamberl...@fadq.qc.ca>> wrote:
There is so much new parameters, i don’t know what to set it ☹
From now, i get : ERROR 05-03 09:16:01.333 o.a.o.c.l.LdapLoginManagement:257
[http-nio-0.0.0.0-5080-exec-10] - Not authenticated.
ldap_conn_host=ldapint1.fadq.qc
ldap_conn_port=389
ldap_conn_secure=false
# Login distinguished name (DN) for Authentication on LDAP Server - keep empty
if not required
# Use full qualified LDAP DN
#ldap_admin_dn=CN=dummy,OU=Company,DC=medint,DC=local
ldap_admin_dn=cn=ldap,OU=Comptes de service,OU=Administration,DC=fadq,DC=qc
# Loginpass for Authentication on LDAP Server - keep empty if not required
ldap_passwd=
# base to search for userdata(of user, that wants to login)
#ldap_search_base=OU=Company,DC=medint,DC=local
ldap_search_base=OU=Utilisateurs,DC=fadq,DC=qc
# Fieldnames (can differ between Ldap servers)
#ldap_search_query=(uid=%s)
ldap_search_query=userPrincipalName
# the scope of the search might be: OBJECT, ONELEVEL, SUBTREE
ldap_search_scope=ONELEVEL
# Ldap auth type(NONE, SEARCHANDBIND, SIMPLEBIND)
# When using SIMPLEBIND a simple bind is performed on the LDAP server to check
user authentication
# When using NONE, the Ldap server is not used for authentication
ldap_auth_type=SIMPLEBIND
# userDN format, will be used to bind if ldap_auth_type=SIMPLEBIND
# might be used to get provisionningDn in case ldap_auth_type=NONE
ldap_userdn_format=uid=%s,OU=Company,DC=medint,DC=local
# Ldap provisioning type(NONE, AUTOCREATE, AUTOUPDATE)
ldap_provisionning=AUTOCREATE
# Ldap deref mode (never, searching, finding, always)
ldap_deref_mode=always
# Set this to 'true' if you want to use admin_dn to get user attributes
# If any other value is set, user_dn will be used
ldap_use_admin_to_get_attrs=true
# Ldap-password synchronization to OM DB
# Set this to 'true' if you want OM to synchronize the user Ldap-password to
OM's internal DB
# If you want to disable the feature, set this to any other string.
# Defautl value is 'true'
#ldap_sync_password_to_om=true
ldap_sync_password_to_om=false
# Ldap group mode (NONE, ATTRIBUTE, QUERY)
# NONE means group associations will be ignored
# ATTRIBUTE means group associations will be taken from 'ldap_group_attr'
attribute (M$ AD mode)
# QUERY means group associations will be taken as a result of
'ldap_group_query' query
ldap_group_mode
Re: problem with LDAP (3.2.2)
Sounds like a good plan :)
On Wed, May 3, 2017 at 8:39 PM, Chamberland, Martin <
martin.chamberl...@fadq.qc.ca> wrote:
> I have LDAP Apache Directory Studio install on my Linux Debian workstation.
>
> Let me try to find good parameters.
>
>
>
> *De :* Maxim Solodovnik [mailto:solomax...@gmail.com]
> *Envoyé :* 3 mai 2017 09:36
> *À :* Openmeetings user-list
> *Objet :* Re: problem with LDAP (3.2.2)
>
>
>
> I doubt
>
> ldap_search_query=userPrincipalName
>
> is a valid search query for LDAP
>
>
>
> I can recommend you to set up LDAPExplorer and test all these parameters
>
>
>
> On Wed, May 3, 2017 at 8:33 PM, Chamberland, Martin <
> martin.chamberl...@fadq.qc.ca> wrote:
>
> I change for : ldap_userdn_format=uid=%s,OU=Utilisateurs,DC=fadq,DC=qc
>
>
>
> Error message is now different.
>
>
>
> ERROR 05-03 09:31:12.920 o.a.o.c.l.LdapLoginManagement:262
> [http-nio-0.0.0.0-5080-exec-6] - Unexpected exception.
>
> org.apache.directory.api.ldap.model.exception.LdapProtocolErrorException:
> The filter userPrincipalName is invalid.
>
> Caused by: java.text.ParseException: ERR_04155 No '(' at the beginning of
> the filter
>
>
>
> Anyone can provide me a exemple file ?
>
>
>
>
>
> *De :* Maxim Solodovnik [mailto:solomax...@gmail.com]
> *Envoyé :* 3 mai 2017 09:29
> *À :* Openmeetings user-list
> *Objet :* Re: problem with LDAP (3.2.2)
>
>
>
> I guess no-one can login to your LDAP using following DN:
>
> *ldap_userdn_format=uid=%s,OU=Company,DC=medint,DC=local*
>
> *%s *will be changed with user provided login
>
>
>
> Are you sure you need "SIMPLEBIND"?
>
> In this mode DN is constructed using pattern provided
>
>
>
> Maybe you need SEARCHANDBIND so user will be searched using your admin DN
> and search base?
>
>
>
> On Wed, May 3, 2017 at 8:18 PM, Chamberland, Martin <
> martin.chamberl...@fadq.qc.ca> wrote:
>
> There is so much new parameters, i don’t know what to set it L
>
>
>
> From now, i get : ERROR 05-03 09:16:01.333 o.a.o.c.l.LdapLoginManagement:257
> [http-nio-0.0.0.0-5080-exec-10] - Not authenticated.
>
>
>
> ldap_conn_host=ldapint1.fadq.qc
>
> ldap_conn_port=389
>
> ldap_conn_secure=false
>
>
>
> # Login distinguished name (DN) for Authentication on LDAP Server - keep
> empty if not required
>
> # Use full qualified LDAP DN
>
> #ldap_admin_dn=CN=dummy,OU=Company,DC=medint,DC=local
>
> ldap_admin_dn=cn=ldap,OU=Comptes de service,OU=Administration,DC=
> fadq,DC=qc
>
>
>
> # Loginpass for Authentication on LDAP Server - keep empty if not required
>
> ldap_passwd=
>
>
>
> # base to search for userdata(of user, that wants to login)
>
> #ldap_search_base=OU=Company,DC=medint,DC=local
>
> ldap_search_base=OU=Utilisateurs,DC=fadq,DC=qc
>
>
>
> # Fieldnames (can differ between Ldap servers)
>
> #ldap_search_query=(uid=%s)
>
> ldap_search_query=userPrincipalName
>
>
>
> # the scope of the search might be: OBJECT, ONELEVEL, SUBTREE
>
> ldap_search_scope=ONELEVEL
>
>
>
> # Ldap auth type(NONE, SEARCHANDBIND, SIMPLEBIND)
>
> # When using SIMPLEBIND a simple bind is performed on the LDAP server to
> check user authentication
>
> # When using NONE, the Ldap server is not used for authentication
>
> ldap_auth_type=SIMPLEBIND
>
>
>
> # userDN format, will be used to bind if ldap_auth_type=SIMPLEBIND
>
> # might be used to get provisionningDn in case ldap_auth_type=NONE
>
> *ldap_userdn_format=uid=%s,OU=Company,DC=medint,DC=local*
>
>
>
> # Ldap provisioning type(NONE, AUTOCREATE, AUTOUPDATE)
>
> ldap_provisionning=AUTOCREATE
>
>
>
> # Ldap deref mode (never, searching, finding, always)
>
> ldap_deref_mode=always
>
>
>
> # Set this to 'true' if you want to use admin_dn to get user attributes
>
> # If any other value is set, user_dn will be used
>
> ldap_use_admin_to_get_attrs=true
>
>
>
> # Ldap-password synchronization to OM DB
>
> # Set this to 'true' if you want OM to synchronize the user Ldap-password
> to OM's internal DB
>
> # If you want to disable the feature, set this to any other string.
>
> # Defautl value is 'true'
>
> #ldap_sync_password_to_om=true
>
> ldap_sync_password_to_om=false
>
>
>
>
>
> # Ldap group mode (NONE, ATTRIBUTE, QUERY)
>
> # NONE means group associations will be ignored
>
> # ATTRIBUTE means group associations will be taken from 'ldap_group_attr'
> attribute (M$ AD mode)
>
> # QUERY mean
RE: problem with LDAP (3.2.2)
I have LDAP Apache Directory Studio install on my Linux Debian workstation.
Let me try to find good parameters.
De : Maxim Solodovnik [mailto:solomax...@gmail.com]
Envoyé : 3 mai 2017 09:36
À : Openmeetings user-list
Objet : Re: problem with LDAP (3.2.2)
I doubt
ldap_search_query=userPrincipalName
is a valid search query for LDAP
I can recommend you to set up LDAPExplorer and test all these parameters
On Wed, May 3, 2017 at 8:33 PM, Chamberland, Martin
mailto:martin.chamberl...@fadq.qc.ca>> wrote:
I change for : ldap_userdn_format=uid=%s,OU=Utilisateurs,DC=fadq,DC=qc
Error message is now different.
ERROR 05-03 09:31:12.920 o.a.o.c.l.LdapLoginManagement:262
[http-nio-0.0.0.0-5080-exec-6] - Unexpected exception.
org.apache.directory.api.ldap.model.exception.LdapProtocolErrorException: The
filter userPrincipalName is invalid.
Caused by: java.text.ParseException: ERR_04155 No '(' at the beginning of the
filter
Anyone can provide me a exemple file ?
De : Maxim Solodovnik [mailto:solomax...@gmail.com<mailto:solomax...@gmail.com>]
Envoyé : 3 mai 2017 09:29
À : Openmeetings user-list
Objet : Re: problem with LDAP (3.2.2)
I guess no-one can login to your LDAP using following DN:
ldap_userdn_format=uid=%s,OU=Company,DC=medint,DC=local
%s will be changed with user provided login
Are you sure you need "SIMPLEBIND"?
In this mode DN is constructed using pattern provided
Maybe you need SEARCHANDBIND so user will be searched using your admin DN and
search base?
On Wed, May 3, 2017 at 8:18 PM, Chamberland, Martin
mailto:martin.chamberl...@fadq.qc.ca>> wrote:
There is so much new parameters, i don’t know what to set it ☹
From now, i get : ERROR 05-03 09:16:01.333 o.a.o.c.l.LdapLoginManagement:257
[http-nio-0.0.0.0-5080-exec-10] - Not authenticated.
ldap_conn_host=ldapint1.fadq.qc
ldap_conn_port=389
ldap_conn_secure=false
# Login distinguished name (DN) for Authentication on LDAP Server - keep empty
if not required
# Use full qualified LDAP DN
#ldap_admin_dn=CN=dummy,OU=Company,DC=medint,DC=local
ldap_admin_dn=cn=ldap,OU=Comptes de service,OU=Administration,DC=fadq,DC=qc
# Loginpass for Authentication on LDAP Server - keep empty if not required
ldap_passwd=
# base to search for userdata(of user, that wants to login)
#ldap_search_base=OU=Company,DC=medint,DC=local
ldap_search_base=OU=Utilisateurs,DC=fadq,DC=qc
# Fieldnames (can differ between Ldap servers)
#ldap_search_query=(uid=%s)
ldap_search_query=userPrincipalName
# the scope of the search might be: OBJECT, ONELEVEL, SUBTREE
ldap_search_scope=ONELEVEL
# Ldap auth type(NONE, SEARCHANDBIND, SIMPLEBIND)
# When using SIMPLEBIND a simple bind is performed on the LDAP server to check
user authentication
# When using NONE, the Ldap server is not used for authentication
ldap_auth_type=SIMPLEBIND
# userDN format, will be used to bind if ldap_auth_type=SIMPLEBIND
# might be used to get provisionningDn in case ldap_auth_type=NONE
ldap_userdn_format=uid=%s,OU=Company,DC=medint,DC=local
# Ldap provisioning type(NONE, AUTOCREATE, AUTOUPDATE)
ldap_provisionning=AUTOCREATE
# Ldap deref mode (never, searching, finding, always)
ldap_deref_mode=always
# Set this to 'true' if you want to use admin_dn to get user attributes
# If any other value is set, user_dn will be used
ldap_use_admin_to_get_attrs=true
# Ldap-password synchronization to OM DB
# Set this to 'true' if you want OM to synchronize the user Ldap-password to
OM's internal DB
# If you want to disable the feature, set this to any other string.
# Defautl value is 'true'
#ldap_sync_password_to_om=true
ldap_sync_password_to_om=false
# Ldap group mode (NONE, ATTRIBUTE, QUERY)
# NONE means group associations will be ignored
# ATTRIBUTE means group associations will be taken from 'ldap_group_attr'
attribute (M$ AD mode)
# QUERY means group associations will be taken as a result of
'ldap_group_query' query
ldap_group_mode=NONE
ldap_group_query=(&(memberUid=%s)(objectClass=posixGroup))
# Ldap user attributes mapping
# Set the following internal OM user attributes to their corresponding
Ldap-attribute
ldap_user_attr_login=uid
ldap_user_attr_lastname=sn
ldap_user_attr_firstname=givenName
ldap_user_attr_mail=mail
ldap_user_attr_street=streetAddress
ldap_user_attr_additionalname=description
ldap_user_attr_fax=facsimileTelephoneNumber
ldap_user_attr_zip=postalCode
ldap_user_attr_country=co
ldap_user_attr_town=l
ldap_user_attr_phone=telephoneNumber
ldap_group_attr=memberOf
# optional, only absolute URLs make sense
#ldap_user_picture_uri=picture_uri
# optional
# the timezone has to match any timezone available in Java, otherwise the
timezone defined in the value of
# the conf_key "default.timezone" in OpenMeetings "configurations" table
#ldap_user_timezone=timezone
# Ldap ignore upper/lower case, convert all input to lower case
ldap_use_lower_case=false
# L
Re: problem with LDAP (3.2.2)
I doubt
ldap_search_query=userPrincipalName
is a valid search query for LDAP
I can recommend you to set up LDAPExplorer and test all these parameters
On Wed, May 3, 2017 at 8:33 PM, Chamberland, Martin <
martin.chamberl...@fadq.qc.ca> wrote:
> I change for : ldap_userdn_format=uid=%s,OU=Utilisateurs,DC=fadq,DC=qc
>
>
>
> Error message is now different.
>
>
>
> ERROR 05-03 09:31:12.920 o.a.o.c.l.LdapLoginManagement:262
> [http-nio-0.0.0.0-5080-exec-6] - Unexpected exception.
>
> org.apache.directory.api.ldap.model.exception.LdapProtocolErrorException:
> The filter userPrincipalName is invalid.
>
> Caused by: java.text.ParseException: ERR_04155 No '(' at the beginning of
> the filter
>
>
>
> Anyone can provide me a exemple file ?
>
>
>
>
>
> *De :* Maxim Solodovnik [mailto:solomax...@gmail.com]
> *Envoyé :* 3 mai 2017 09:29
> *À :* Openmeetings user-list
> *Objet :* Re: problem with LDAP (3.2.2)
>
>
>
> I guess no-one can login to your LDAP using following DN:
>
> *ldap_userdn_format=uid=%s,OU=Company,DC=medint,DC=local*
>
> *%s *will be changed with user provided login
>
>
>
> Are you sure you need "SIMPLEBIND"?
>
> In this mode DN is constructed using pattern provided
>
>
>
> Maybe you need SEARCHANDBIND so user will be searched using your admin DN
> and search base?
>
>
>
> On Wed, May 3, 2017 at 8:18 PM, Chamberland, Martin <
> martin.chamberl...@fadq.qc.ca> wrote:
>
> There is so much new parameters, i don’t know what to set it L
>
>
>
> From now, i get : ERROR 05-03 09:16:01.333 o.a.o.c.l.LdapLoginManagement:257
> [http-nio-0.0.0.0-5080-exec-10] - Not authenticated.
>
>
>
> ldap_conn_host=ldapint1.fadq.qc
>
> ldap_conn_port=389
>
> ldap_conn_secure=false
>
>
>
> # Login distinguished name (DN) for Authentication on LDAP Server - keep
> empty if not required
>
> # Use full qualified LDAP DN
>
> #ldap_admin_dn=CN=dummy,OU=Company,DC=medint,DC=local
>
> ldap_admin_dn=cn=ldap,OU=Comptes de service,OU=Administration,DC=
> fadq,DC=qc
>
>
>
> # Loginpass for Authentication on LDAP Server - keep empty if not required
>
> ldap_passwd=
>
>
>
> # base to search for userdata(of user, that wants to login)
>
> #ldap_search_base=OU=Company,DC=medint,DC=local
>
> ldap_search_base=OU=Utilisateurs,DC=fadq,DC=qc
>
>
>
> # Fieldnames (can differ between Ldap servers)
>
> #ldap_search_query=(uid=%s)
>
> ldap_search_query=userPrincipalName
>
>
>
> # the scope of the search might be: OBJECT, ONELEVEL, SUBTREE
>
> ldap_search_scope=ONELEVEL
>
>
>
> # Ldap auth type(NONE, SEARCHANDBIND, SIMPLEBIND)
>
> # When using SIMPLEBIND a simple bind is performed on the LDAP server to
> check user authentication
>
> # When using NONE, the Ldap server is not used for authentication
>
> ldap_auth_type=SIMPLEBIND
>
>
>
> # userDN format, will be used to bind if ldap_auth_type=SIMPLEBIND
>
> # might be used to get provisionningDn in case ldap_auth_type=NONE
>
> *ldap_userdn_format=uid=%s,OU=Company,DC=medint,DC=local*
>
>
>
> # Ldap provisioning type(NONE, AUTOCREATE, AUTOUPDATE)
>
> ldap_provisionning=AUTOCREATE
>
>
>
> # Ldap deref mode (never, searching, finding, always)
>
> ldap_deref_mode=always
>
>
>
> # Set this to 'true' if you want to use admin_dn to get user attributes
>
> # If any other value is set, user_dn will be used
>
> ldap_use_admin_to_get_attrs=true
>
>
>
> # Ldap-password synchronization to OM DB
>
> # Set this to 'true' if you want OM to synchronize the user Ldap-password
> to OM's internal DB
>
> # If you want to disable the feature, set this to any other string.
>
> # Defautl value is 'true'
>
> #ldap_sync_password_to_om=true
>
> ldap_sync_password_to_om=false
>
>
>
>
>
> # Ldap group mode (NONE, ATTRIBUTE, QUERY)
>
> # NONE means group associations will be ignored
>
> # ATTRIBUTE means group associations will be taken from 'ldap_group_attr'
> attribute (M$ AD mode)
>
> # QUERY means group associations will be taken as a result of
> 'ldap_group_query' query
>
> ldap_group_mode=NONE
>
>
>
> ldap_group_query=(&(memberUid=%s)(objectClass=posixGroup))
>
>
>
> # Ldap user attributes mapping
>
> # Set the following internal OM user attributes to their corresponding
> Ldap-attribute
>
> ldap_user_attr_login=uid
>
> ldap_user_attr_lastname=sn
>
> ldap_user_attr_firstname=givenName
>
> ldap_user_attr_mail=mail
>
> ldap
RE: problem with LDAP (3.2.2)
I change for : ldap_userdn_format=uid=%s,OU=Utilisateurs,DC=fadq,DC=qc
Error message is now different.
ERROR 05-03 09:31:12.920 o.a.o.c.l.LdapLoginManagement:262
[http-nio-0.0.0.0-5080-exec-6] - Unexpected exception.
org.apache.directory.api.ldap.model.exception.LdapProtocolErrorException: The
filter userPrincipalName is invalid.
Caused by: java.text.ParseException: ERR_04155 No '(' at the beginning of the
filter
Anyone can provide me a exemple file ?
De : Maxim Solodovnik [mailto:solomax...@gmail.com]
Envoyé : 3 mai 2017 09:29
À : Openmeetings user-list
Objet : Re: problem with LDAP (3.2.2)
I guess no-one can login to your LDAP using following DN:
ldap_userdn_format=uid=%s,OU=Company,DC=medint,DC=local
%s will be changed with user provided login
Are you sure you need "SIMPLEBIND"?
In this mode DN is constructed using pattern provided
Maybe you need SEARCHANDBIND so user will be searched using your admin DN and
search base?
On Wed, May 3, 2017 at 8:18 PM, Chamberland, Martin
mailto:martin.chamberl...@fadq.qc.ca>> wrote:
There is so much new parameters, i don’t know what to set it ☹
From now, i get : ERROR 05-03 09:16:01.333 o.a.o.c.l.LdapLoginManagement:257
[http-nio-0.0.0.0-5080-exec-10] - Not authenticated.
ldap_conn_host=ldapint1.fadq.qc
ldap_conn_port=389
ldap_conn_secure=false
# Login distinguished name (DN) for Authentication on LDAP Server - keep empty
if not required
# Use full qualified LDAP DN
#ldap_admin_dn=CN=dummy,OU=Company,DC=medint,DC=local
ldap_admin_dn=cn=ldap,OU=Comptes de service,OU=Administration,DC=fadq,DC=qc
# Loginpass for Authentication on LDAP Server - keep empty if not required
ldap_passwd=
# base to search for userdata(of user, that wants to login)
#ldap_search_base=OU=Company,DC=medint,DC=local
ldap_search_base=OU=Utilisateurs,DC=fadq,DC=qc
# Fieldnames (can differ between Ldap servers)
#ldap_search_query=(uid=%s)
ldap_search_query=userPrincipalName
# the scope of the search might be: OBJECT, ONELEVEL, SUBTREE
ldap_search_scope=ONELEVEL
# Ldap auth type(NONE, SEARCHANDBIND, SIMPLEBIND)
# When using SIMPLEBIND a simple bind is performed on the LDAP server to check
user authentication
# When using NONE, the Ldap server is not used for authentication
ldap_auth_type=SIMPLEBIND
# userDN format, will be used to bind if ldap_auth_type=SIMPLEBIND
# might be used to get provisionningDn in case ldap_auth_type=NONE
ldap_userdn_format=uid=%s,OU=Company,DC=medint,DC=local
# Ldap provisioning type(NONE, AUTOCREATE, AUTOUPDATE)
ldap_provisionning=AUTOCREATE
# Ldap deref mode (never, searching, finding, always)
ldap_deref_mode=always
# Set this to 'true' if you want to use admin_dn to get user attributes
# If any other value is set, user_dn will be used
ldap_use_admin_to_get_attrs=true
# Ldap-password synchronization to OM DB
# Set this to 'true' if you want OM to synchronize the user Ldap-password to
OM's internal DB
# If you want to disable the feature, set this to any other string.
# Defautl value is 'true'
#ldap_sync_password_to_om=true
ldap_sync_password_to_om=false
# Ldap group mode (NONE, ATTRIBUTE, QUERY)
# NONE means group associations will be ignored
# ATTRIBUTE means group associations will be taken from 'ldap_group_attr'
attribute (M$ AD mode)
# QUERY means group associations will be taken as a result of
'ldap_group_query' query
ldap_group_mode=NONE
ldap_group_query=(&(memberUid=%s)(objectClass=posixGroup))
# Ldap user attributes mapping
# Set the following internal OM user attributes to their corresponding
Ldap-attribute
ldap_user_attr_login=uid
ldap_user_attr_lastname=sn
ldap_user_attr_firstname=givenName
ldap_user_attr_mail=mail
ldap_user_attr_street=streetAddress
ldap_user_attr_additionalname=description
ldap_user_attr_fax=facsimileTelephoneNumber
ldap_user_attr_zip=postalCode
ldap_user_attr_country=co
ldap_user_attr_town=l
ldap_user_attr_phone=telephoneNumber
ldap_group_attr=memberOf
# optional, only absolute URLs make sense
#ldap_user_picture_uri=picture_uri
# optional
# the timezone has to match any timezone available in Java, otherwise the
timezone defined in the value of
# the conf_key "default.timezone" in OpenMeetings "configurations" table
#ldap_user_timezone=timezone
# Ldap ignore upper/lower case, convert all input to lower case
ldap_use_lower_case=false
# Ldap import query, this query should retrieve all LDAP users
ldap_import_query=(objectClass=inetOrgPerson)
De : Maxim Solodovnik [mailto:solomax...@gmail.com<mailto:solomax...@gmail.com>]
Envoyé : 3 mai 2017 08:53
À : Openmeetings user-list
Objet : Re: problem with LDAP (3.2.2)
Parameters were updated,
there are more of them
there is no need to specify DN in "weird" format:
OU:Utilisateurs,DC:fadq,DC:qc
it should be specified as "normal" DN:
OU=Utilisateurs,DC=fadq,DC=qc
please grab example config and update it with your cr
Re: problem with LDAP (3.2.2)
no need to restart OM :) On Wed, May 3, 2017 at 8:28 PM, Chamberland, Martin < martin.chamberl...@fadq.qc.ca> wrote: > One quick question, when i changed some parameters in the ldap.cfg > config file, should i restart openmeeting ? > > > > /etc/init.d/red5-ubdeb2 restart > > > > > > *De :* Maxim Solodovnik [mailto:solomax...@gmail.com] > *Envoyé :* 3 mai 2017 08:53 > *À :* Openmeetings user-list > *Objet :* Re: problem with LDAP (3.2.2) > > > > Parameters were updated, > > there are more of them > > there is no need to specify DN in "weird" format: > > OU:Utilisateurs,DC:fadq,DC:qc > > it should be specified as "normal" DN: > > OU=Utilisateurs,DC=fadq,DC=qc > > > > please grab example config and update it with your credentials > > > > > > On Wed, May 3, 2017 at 7:47 PM, Chamberland, Martin < > martin.chamberl...@fadq.qc.ca> wrote: > > Exactly, i just copy over network. > > I was sure parameters are the same, they are not ? > > > > *De :* Maxim Solodovnik [mailto:solomax...@gmail.com] > *Envoyé :* 3 mai 2017 08:46 > *À :* Openmeetings user-list > *Objet :* Re: problem with LDAP (3.2.2) > > > > Additionally your config seems to be copied from OM 1.9 or so > > I would suggest you to take example config and update it line by line with > your server, port, password, etc. > > > > On Wed, May 3, 2017 at 7:43 PM, Maxim Solodovnik > wrote: > > Thanks for the configuration > > > > you have specified > > ldap_auth_type=SIMPLEBIND > > > > but haven't specified > > ldap_userdn_format=... > > > > additionally ldap_admin_dn doesn't look like DN > > > > please check example config at [1] > > and set all required fields > > > > [1] https://github.com/apache/openmeetings/blob/3.2.x/ > openmeetings-web/src/main/webapp/conf/om_ldap.cfg > > > > On Wed, May 3, 2017 at 7:38 PM, Chamberland, Martin < > martin.chamberl...@fadq.qc.ca> wrote: > > We are using AS Windows 2012 > > > > By the way, i have already here a Openmeeting 3.0.3 that is connected > successfully on the same AD > > > > *De :* Wentao Liu [mailto:cscmu...@aliyun.com] > *Envoyé :* 3 mai 2017 00:21 > *À :* Chamberland, Martin; 'user@openmeetings.apache.org' > *Objet :* RE: problem with LDAP (3.2.2) > > > > Hi Martin, > > > > Could you please tell which LDAP server you used? MS AD or OpenLDAP, > Apache Directory Server? > > Since the configuration is a little bit different among different servers.. > > > > Good luck! > > Wentao > > > > Sent from Mail <https://go.microsoft.com/fwlink/?LinkId=550986> for > Windows 10 > > > > *From: *Chamberland, Martin > *Sent: *Wednesday, 3 May 2017 2:06 AM > *To: *'user@openmeetings.apache.org' > *Subject: *problem with LDAP (3.2.2) > > > > Hi, > > > > I configure ldap on openmeeting 3.2.2 (snapshot) > > > > I think i did it correctly from server side (ldap.cfg file) and from the > web interface, but… > > I always receive this error message : > > > > ERROR 05-02 14:02:37.252 o.a.o.c.l.LdapLoginManagement:262 > [http-nio-0.0.0.0-5080-exec-9] - Unexpected exception. > > org.apache.directory.api.ldap.model.exception.LdapInvalidDnException: > ERR_04202 A value is missing on some RDN > > > > Can you help me where i can look for more information to troubleshoot ? > > > > Thank’s in advance. > > > > Martin C. > > > > > > > > > > > > > > -- > > WBR > Maxim aka solomax > > > > > > -- > > WBR > Maxim aka solomax > > > > > > -- > > WBR > Maxim aka solomax > -- WBR Maxim aka solomax
RE: problem with LDAP (3.2.2)
One quick question, when i changed some parameters in the ldap.cfg config file, should i restart openmeeting ? /etc/init.d/red5-ubdeb2 restart De : Maxim Solodovnik [mailto:solomax...@gmail.com] Envoyé : 3 mai 2017 08:53 À : Openmeetings user-list Objet : Re: problem with LDAP (3.2.2) Parameters were updated, there are more of them there is no need to specify DN in "weird" format: OU:Utilisateurs,DC:fadq,DC:qc it should be specified as "normal" DN: OU=Utilisateurs,DC=fadq,DC=qc please grab example config and update it with your credentials On Wed, May 3, 2017 at 7:47 PM, Chamberland, Martin mailto:martin.chamberl...@fadq.qc.ca>> wrote: Exactly, i just copy over network. I was sure parameters are the same, they are not ? De : Maxim Solodovnik [mailto:solomax...@gmail.com<mailto:solomax...@gmail.com>] Envoyé : 3 mai 2017 08:46 À : Openmeetings user-list Objet : Re: problem with LDAP (3.2.2) Additionally your config seems to be copied from OM 1.9 or so I would suggest you to take example config and update it line by line with your server, port, password, etc. On Wed, May 3, 2017 at 7:43 PM, Maxim Solodovnik mailto:solomax...@gmail.com>> wrote: Thanks for the configuration you have specified ldap_auth_type=SIMPLEBIND but haven't specified ldap_userdn_format=... additionally ldap_admin_dn doesn't look like DN please check example config at [1] and set all required fields [1] https://github.com/apache/openmeetings/blob/3.2.x/openmeetings-web/src/main/webapp/conf/om_ldap.cfg On Wed, May 3, 2017 at 7:38 PM, Chamberland, Martin mailto:martin.chamberl...@fadq.qc.ca>> wrote: We are using AS Windows 2012 By the way, i have already here a Openmeeting 3.0.3 that is connected successfully on the same AD De : Wentao Liu [mailto:cscmu...@aliyun.com<mailto:cscmu...@aliyun.com>] Envoyé : 3 mai 2017 00:21 À : Chamberland, Martin; 'user@openmeetings.apache.org<mailto:user@openmeetings.apache.org>' Objet : RE: problem with LDAP (3.2.2) Hi Martin, Could you please tell which LDAP server you used? MS AD or OpenLDAP, Apache Directory Server? Since the configuration is a little bit different among different servers.. Good luck! Wentao Sent from Mail<https://go.microsoft.com/fwlink/?LinkId=550986> for Windows 10 From: Chamberland, Martin<mailto:martin.chamberl...@fadq.qc.ca> Sent: Wednesday, 3 May 2017 2:06 AM To: 'user@openmeetings.apache.org'<mailto:user@openmeetings.apache.org> Subject: problem with LDAP (3.2.2) Hi, I configure ldap on openmeeting 3.2.2 (snapshot) I think i did it correctly from server side (ldap.cfg file) and from the web interface, but… I always receive this error message : ERROR 05-02 14:02:37.252 o.a.o.c.l.LdapLoginManagement:262 [http-nio-0.0.0.0-5080-exec-9] - Unexpected exception. org.apache.directory.api.ldap.model.exception.LdapInvalidDnException: ERR_04202 A value is missing on some RDN Can you help me where i can look for more information to troubleshoot ? Thank’s in advance. Martin C. -- WBR Maxim aka solomax -- WBR Maxim aka solomax -- WBR Maxim aka solomax
Re: problem with LDAP (3.2.2)
I guess no-one can login to your LDAP using following DN: *ldap_userdn_format=uid=%s,OU=Company,DC=medint,DC=local* *%s *will be changed with user provided login Are you sure you need "SIMPLEBIND"? In this mode DN is constructed using pattern provided Maybe you need SEARCHANDBIND so user will be searched using your admin DN and search base? On Wed, May 3, 2017 at 8:18 PM, Chamberland, Martin < martin.chamberl...@fadq.qc.ca> wrote: > There is so much new parameters, i don’t know what to set it L > > > > From now, i get : ERROR 05-03 09:16:01.333 o.a.o.c.l.LdapLoginManagement:257 > [http-nio-0.0.0.0-5080-exec-10] - Not authenticated. > > > > ldap_conn_host=ldapint1.fadq.qc > > ldap_conn_port=389 > > ldap_conn_secure=false > > > > # Login distinguished name (DN) for Authentication on LDAP Server - keep > empty if not required > > # Use full qualified LDAP DN > > #ldap_admin_dn=CN=dummy,OU=Company,DC=medint,DC=local > > ldap_admin_dn=cn=ldap,OU=Comptes de service,OU=Administration,DC= > fadq,DC=qc > > > > # Loginpass for Authentication on LDAP Server - keep empty if not required > > ldap_passwd= > > > > # base to search for userdata(of user, that wants to login) > > #ldap_search_base=OU=Company,DC=medint,DC=local > > ldap_search_base=OU=Utilisateurs,DC=fadq,DC=qc > > > > # Fieldnames (can differ between Ldap servers) > > #ldap_search_query=(uid=%s) > > ldap_search_query=userPrincipalName > > > > # the scope of the search might be: OBJECT, ONELEVEL, SUBTREE > > ldap_search_scope=ONELEVEL > > > > # Ldap auth type(NONE, SEARCHANDBIND, SIMPLEBIND) > > # When using SIMPLEBIND a simple bind is performed on the LDAP server to > check user authentication > > # When using NONE, the Ldap server is not used for authentication > > ldap_auth_type=SIMPLEBIND > > > > # userDN format, will be used to bind if ldap_auth_type=SIMPLEBIND > > # might be used to get provisionningDn in case ldap_auth_type=NONE > > *ldap_userdn_format=uid=%s,OU=Company,DC=medint,DC=local* > > > > # Ldap provisioning type(NONE, AUTOCREATE, AUTOUPDATE) > > ldap_provisionning=AUTOCREATE > > > > # Ldap deref mode (never, searching, finding, always) > > ldap_deref_mode=always > > > > # Set this to 'true' if you want to use admin_dn to get user attributes > > # If any other value is set, user_dn will be used > > ldap_use_admin_to_get_attrs=true > > > > # Ldap-password synchronization to OM DB > > # Set this to 'true' if you want OM to synchronize the user Ldap-password > to OM's internal DB > > # If you want to disable the feature, set this to any other string. > > # Defautl value is 'true' > > #ldap_sync_password_to_om=true > > ldap_sync_password_to_om=false > > > > > > # Ldap group mode (NONE, ATTRIBUTE, QUERY) > > # NONE means group associations will be ignored > > # ATTRIBUTE means group associations will be taken from 'ldap_group_attr' > attribute (M$ AD mode) > > # QUERY means group associations will be taken as a result of > 'ldap_group_query' query > > ldap_group_mode=NONE > > > > ldap_group_query=(&(memberUid=%s)(objectClass=posixGroup)) > > > > # Ldap user attributes mapping > > # Set the following internal OM user attributes to their corresponding > Ldap-attribute > > ldap_user_attr_login=uid > > ldap_user_attr_lastname=sn > > ldap_user_attr_firstname=givenName > > ldap_user_attr_mail=mail > > ldap_user_attr_street=streetAddress > > ldap_user_attr_additionalname=description > > ldap_user_attr_fax=facsimileTelephoneNumber > > ldap_user_attr_zip=postalCode > > ldap_user_attr_country=co > > ldap_user_attr_town=l > > ldap_user_attr_phone=telephoneNumber > > ldap_group_attr=memberOf > > > > # optional, only absolute URLs make sense > > #ldap_user_picture_uri=picture_uri > > > > # optional > > # the timezone has to match any timezone available in Java, otherwise the > timezone defined in the value of > > # the conf_key "default.timezone" in OpenMeetings "configurations" table > > #ldap_user_timezone=timezone > > > > # Ldap ignore upper/lower case, convert all input to lower case > > ldap_use_lower_case=false > > > > # Ldap import query, this query should retrieve all LDAP users > > ldap_import_query=(objectClass=inetOrgPerson) > > > > *De :* Maxim Solodovnik [mailto:solomax...@gmail.com] > *Envoyé :* 3 mai 2017 08:53 > *À :* Openmeetings user-list > *Objet :* Re
RE: problem with LDAP (3.2.2)
There is so much new parameters, i don’t know what to set it ☹ From now, i get : ERROR 05-03 09:16:01.333 o.a.o.c.l.LdapLoginManagement:257 [http-nio-0.0.0.0-5080-exec-10] - Not authenticated. ldap_conn_host=ldapint1.fadq.qc ldap_conn_port=389 ldap_conn_secure=false # Login distinguished name (DN) for Authentication on LDAP Server - keep empty if not required # Use full qualified LDAP DN #ldap_admin_dn=CN=dummy,OU=Company,DC=medint,DC=local ldap_admin_dn=cn=ldap,OU=Comptes de service,OU=Administration,DC=fadq,DC=qc # Loginpass for Authentication on LDAP Server - keep empty if not required ldap_passwd= # base to search for userdata(of user, that wants to login) #ldap_search_base=OU=Company,DC=medint,DC=local ldap_search_base=OU=Utilisateurs,DC=fadq,DC=qc # Fieldnames (can differ between Ldap servers) #ldap_search_query=(uid=%s) ldap_search_query=userPrincipalName # the scope of the search might be: OBJECT, ONELEVEL, SUBTREE ldap_search_scope=ONELEVEL # Ldap auth type(NONE, SEARCHANDBIND, SIMPLEBIND) # When using SIMPLEBIND a simple bind is performed on the LDAP server to check user authentication # When using NONE, the Ldap server is not used for authentication ldap_auth_type=SIMPLEBIND # userDN format, will be used to bind if ldap_auth_type=SIMPLEBIND # might be used to get provisionningDn in case ldap_auth_type=NONE ldap_userdn_format=uid=%s,OU=Company,DC=medint,DC=local # Ldap provisioning type(NONE, AUTOCREATE, AUTOUPDATE) ldap_provisionning=AUTOCREATE # Ldap deref mode (never, searching, finding, always) ldap_deref_mode=always # Set this to 'true' if you want to use admin_dn to get user attributes # If any other value is set, user_dn will be used ldap_use_admin_to_get_attrs=true # Ldap-password synchronization to OM DB # Set this to 'true' if you want OM to synchronize the user Ldap-password to OM's internal DB # If you want to disable the feature, set this to any other string. # Defautl value is 'true' #ldap_sync_password_to_om=true ldap_sync_password_to_om=false # Ldap group mode (NONE, ATTRIBUTE, QUERY) # NONE means group associations will be ignored # ATTRIBUTE means group associations will be taken from 'ldap_group_attr' attribute (M$ AD mode) # QUERY means group associations will be taken as a result of 'ldap_group_query' query ldap_group_mode=NONE ldap_group_query=(&(memberUid=%s)(objectClass=posixGroup)) # Ldap user attributes mapping # Set the following internal OM user attributes to their corresponding Ldap-attribute ldap_user_attr_login=uid ldap_user_attr_lastname=sn ldap_user_attr_firstname=givenName ldap_user_attr_mail=mail ldap_user_attr_street=streetAddress ldap_user_attr_additionalname=description ldap_user_attr_fax=facsimileTelephoneNumber ldap_user_attr_zip=postalCode ldap_user_attr_country=co ldap_user_attr_town=l ldap_user_attr_phone=telephoneNumber ldap_group_attr=memberOf # optional, only absolute URLs make sense #ldap_user_picture_uri=picture_uri # optional # the timezone has to match any timezone available in Java, otherwise the timezone defined in the value of # the conf_key "default.timezone" in OpenMeetings "configurations" table #ldap_user_timezone=timezone # Ldap ignore upper/lower case, convert all input to lower case ldap_use_lower_case=false # Ldap import query, this query should retrieve all LDAP users ldap_import_query=(objectClass=inetOrgPerson) De : Maxim Solodovnik [mailto:solomax...@gmail.com] Envoyé : 3 mai 2017 08:53 À : Openmeetings user-list Objet : Re: problem with LDAP (3.2.2) Parameters were updated, there are more of them there is no need to specify DN in "weird" format: OU:Utilisateurs,DC:fadq,DC:qc it should be specified as "normal" DN: OU=Utilisateurs,DC=fadq,DC=qc please grab example config and update it with your credentials On Wed, May 3, 2017 at 7:47 PM, Chamberland, Martin mailto:martin.chamberl...@fadq.qc.ca>> wrote: Exactly, i just copy over network. I was sure parameters are the same, they are not ? De : Maxim Solodovnik [mailto:solomax...@gmail.com<mailto:solomax...@gmail.com>] Envoyé : 3 mai 2017 08:46 À : Openmeetings user-list Objet : Re: problem with LDAP (3.2.2) Additionally your config seems to be copied from OM 1.9 or so I would suggest you to take example config and update it line by line with your server, port, password, etc. On Wed, May 3, 2017 at 7:43 PM, Maxim Solodovnik mailto:solomax...@gmail.com>> wrote: Thanks for the configuration you have specified ldap_auth_type=SIMPLEBIND but haven't specified ldap_userdn_format=... additionally ldap_admin_dn doesn't look like DN please check example config at [1] and set all required fields [1] https://github.com/apache/openmeetings/blob/3.2.x/openmeetings-web/src/main/webapp/conf/om_ldap.cfg On Wed, May 3, 2017 at 7:38 PM, Chamberland, Martin mailto:martin.chamberl...@fadq.qc.ca>> wrote: We are u
Re: problem with LDAP (3.2.2)
Parameters were updated, there are more of them there is no need to specify DN in "weird" format: OU:Utilisateurs,DC:fadq,DC:qc it should be specified as "normal" DN: OU=Utilisateurs,DC=fadq,DC=qc please grab example config and update it with your credentials On Wed, May 3, 2017 at 7:47 PM, Chamberland, Martin < martin.chamberl...@fadq.qc.ca> wrote: > Exactly, i just copy over network. > > I was sure parameters are the same, they are not ? > > > > *De :* Maxim Solodovnik [mailto:solomax...@gmail.com] > *Envoyé :* 3 mai 2017 08:46 > *À :* Openmeetings user-list > *Objet :* Re: problem with LDAP (3.2.2) > > > > Additionally your config seems to be copied from OM 1.9 or so > > I would suggest you to take example config and update it line by line with > your server, port, password, etc. > > > > On Wed, May 3, 2017 at 7:43 PM, Maxim Solodovnik > wrote: > > Thanks for the configuration > > > > you have specified > > ldap_auth_type=SIMPLEBIND > > > > but haven't specified > > ldap_userdn_format=... > > > > additionally ldap_admin_dn doesn't look like DN > > > > please check example config at [1] > > and set all required fields > > > > [1] https://github.com/apache/openmeetings/blob/3.2.x/ > openmeetings-web/src/main/webapp/conf/om_ldap.cfg > > > > On Wed, May 3, 2017 at 7:38 PM, Chamberland, Martin < > martin.chamberl...@fadq.qc.ca> wrote: > > We are using AS Windows 2012 > > > > By the way, i have already here a Openmeeting 3.0.3 that is connected > successfully on the same AD > > > > *De :* Wentao Liu [mailto:cscmu...@aliyun.com] > *Envoyé :* 3 mai 2017 00:21 > *À :* Chamberland, Martin; 'user@openmeetings.apache.org' > *Objet :* RE: problem with LDAP (3.2.2) > > > > Hi Martin, > > > > Could you please tell which LDAP server you used? MS AD or OpenLDAP, > Apache Directory Server? > > Since the configuration is a little bit different among different servers.. > > > > Good luck! > > Wentao > > > > Sent from Mail <https://go.microsoft.com/fwlink/?LinkId=550986> for > Windows 10 > > > > *From: *Chamberland, Martin > *Sent: *Wednesday, 3 May 2017 2:06 AM > *To: *'user@openmeetings.apache.org' > *Subject: *problem with LDAP (3.2.2) > > > > Hi, > > > > I configure ldap on openmeeting 3.2.2 (snapshot) > > > > I think i did it correctly from server side (ldap.cfg file) and from the > web interface, but… > > I always receive this error message : > > > > ERROR 05-02 14:02:37.252 o.a.o.c.l.LdapLoginManagement:262 > [http-nio-0.0.0.0-5080-exec-9] - Unexpected exception. > > org.apache.directory.api.ldap.model.exception.LdapInvalidDnException: > ERR_04202 A value is missing on some RDN > > > > Can you help me where i can look for more information to troubleshoot ? > > > > Thank’s in advance. > > > > Martin C. > > > > > > > > > > > > > > -- > > WBR > Maxim aka solomax > > > > > > -- > > WBR > Maxim aka solomax > -- WBR Maxim aka solomax
RE: problem with LDAP (3.2.2)
Exactly, i just copy over network. I was sure parameters are the same, they are not ? De : Maxim Solodovnik [mailto:solomax...@gmail.com] Envoyé : 3 mai 2017 08:46 À : Openmeetings user-list Objet : Re: problem with LDAP (3.2.2) Additionally your config seems to be copied from OM 1.9 or so I would suggest you to take example config and update it line by line with your server, port, password, etc. On Wed, May 3, 2017 at 7:43 PM, Maxim Solodovnik mailto:solomax...@gmail.com>> wrote: Thanks for the configuration you have specified ldap_auth_type=SIMPLEBIND but haven't specified ldap_userdn_format=... additionally ldap_admin_dn doesn't look like DN please check example config at [1] and set all required fields [1] https://github.com/apache/openmeetings/blob/3.2.x/openmeetings-web/src/main/webapp/conf/om_ldap.cfg On Wed, May 3, 2017 at 7:38 PM, Chamberland, Martin mailto:martin.chamberl...@fadq.qc.ca>> wrote: We are using AS Windows 2012 By the way, i have already here a Openmeeting 3.0.3 that is connected successfully on the same AD De : Wentao Liu [mailto:cscmu...@aliyun.com<mailto:cscmu...@aliyun.com>] Envoyé : 3 mai 2017 00:21 À : Chamberland, Martin; 'user@openmeetings.apache.org<mailto:user@openmeetings.apache.org>' Objet : RE: problem with LDAP (3.2.2) Hi Martin, Could you please tell which LDAP server you used? MS AD or OpenLDAP, Apache Directory Server? Since the configuration is a little bit different among different servers.. Good luck! Wentao Sent from Mail<https://go.microsoft.com/fwlink/?LinkId=550986> for Windows 10 From: Chamberland, Martin<mailto:martin.chamberl...@fadq.qc.ca> Sent: Wednesday, 3 May 2017 2:06 AM To: 'user@openmeetings.apache.org'<mailto:user@openmeetings.apache.org> Subject: problem with LDAP (3.2.2) Hi, I configure ldap on openmeeting 3.2.2 (snapshot) I think i did it correctly from server side (ldap.cfg file) and from the web interface, but… I always receive this error message : ERROR 05-02 14:02:37.252 o.a.o.c.l.LdapLoginManagement:262 [http-nio-0.0.0.0-5080-exec-9] - Unexpected exception. org.apache.directory.api.ldap.model.exception.LdapInvalidDnException: ERR_04202 A value is missing on some RDN Can you help me where i can look for more information to troubleshoot ? Thank’s in advance. Martin C. -- WBR Maxim aka solomax -- WBR Maxim aka solomax
Re: problem with LDAP (3.2.2)
Additionally your config seems to be copied from OM 1.9 or so I would suggest you to take example config and update it line by line with your server, port, password, etc. On Wed, May 3, 2017 at 7:43 PM, Maxim Solodovnik wrote: > Thanks for the configuration > > you have specified > ldap_auth_type=SIMPLEBIND > > but haven't specified > ldap_userdn_format=... > > additionally ldap_admin_dn doesn't look like DN > > please check example config at [1] > and set all required fields > > [1] https://github.com/apache/openmeetings/blob/3.2.x/ > openmeetings-web/src/main/webapp/conf/om_ldap.cfg > > On Wed, May 3, 2017 at 7:38 PM, Chamberland, Martin < > martin.chamberl...@fadq.qc.ca> wrote: > >> We are using AS Windows 2012 >> >> >> >> By the way, i have already here a Openmeeting 3.0.3 that is connected >> successfully on the same AD >> >> >> >> *De :* Wentao Liu [mailto:cscmu...@aliyun.com] >> *Envoyé :* 3 mai 2017 00:21 >> *À :* Chamberland, Martin; 'user@openmeetings.apache.org' >> *Objet :* RE: problem with LDAP (3.2.2) >> >> >> >> Hi Martin, >> >> >> >> Could you please tell which LDAP server you used? MS AD or OpenLDAP, >> Apache Directory Server? >> >> Since the configuration is a little bit different among different >> servers.. >> >> >> >> Good luck! >> >> Wentao >> >> >> >> Sent from Mail <https://go.microsoft.com/fwlink/?LinkId=550986> for >> Windows 10 >> >> >> >> *From: *Chamberland, Martin >> *Sent: *Wednesday, 3 May 2017 2:06 AM >> *To: *'user@openmeetings.apache.org' >> *Subject: *problem with LDAP (3.2.2) >> >> >> >> Hi, >> >> >> >> I configure ldap on openmeeting 3.2.2 (snapshot) >> >> >> >> I think i did it correctly from server side (ldap.cfg file) and from the >> web interface, but… >> >> I always receive this error message : >> >> >> >> ERROR 05-02 14:02:37.252 o.a.o.c.l.LdapLoginManagement:262 >> [http-nio-0.0.0.0-5080-exec-9] - Unexpected exception. >> >> org.apache.directory.api.ldap.model.exception.LdapInvalidDnException: >> ERR_04202 A value is missing on some RDN >> >> >> >> Can you help me where i can look for more information to troubleshoot ? >> >> >> >> Thank’s in advance. >> >> >> >> Martin C. >> >> >> >> >> >> >> >> >> > > > > -- > WBR > Maxim aka solomax > -- WBR Maxim aka solomax
Re: problem with LDAP (3.2.2)
Thanks for the configuration you have specified ldap_auth_type=SIMPLEBIND but haven't specified ldap_userdn_format=... additionally ldap_admin_dn doesn't look like DN please check example config at [1] and set all required fields [1] https://github.com/apache/openmeetings/blob/3.2.x/openmeetings-web/src/main/webapp/conf/om_ldap.cfg On Wed, May 3, 2017 at 7:38 PM, Chamberland, Martin < martin.chamberl...@fadq.qc.ca> wrote: > We are using AS Windows 2012 > > > > By the way, i have already here a Openmeeting 3.0.3 that is connected > successfully on the same AD > > > > *De :* Wentao Liu [mailto:cscmu...@aliyun.com] > *Envoyé :* 3 mai 2017 00:21 > *À :* Chamberland, Martin; 'user@openmeetings.apache.org' > *Objet :* RE: problem with LDAP (3.2.2) > > > > Hi Martin, > > > > Could you please tell which LDAP server you used? MS AD or OpenLDAP, > Apache Directory Server? > > Since the configuration is a little bit different among different servers.. > > > > Good luck! > > Wentao > > > > Sent from Mail <https://go.microsoft.com/fwlink/?LinkId=550986> for > Windows 10 > > > > *From: *Chamberland, Martin > *Sent: *Wednesday, 3 May 2017 2:06 AM > *To: *'user@openmeetings.apache.org' > *Subject: *problem with LDAP (3.2.2) > > > > Hi, > > > > I configure ldap on openmeeting 3.2.2 (snapshot) > > > > I think i did it correctly from server side (ldap.cfg file) and from the > web interface, but… > > I always receive this error message : > > > > ERROR 05-02 14:02:37.252 o.a.o.c.l.LdapLoginManagement:262 > [http-nio-0.0.0.0-5080-exec-9] - Unexpected exception. > > org.apache.directory.api.ldap.model.exception.LdapInvalidDnException: > ERR_04202 A value is missing on some RDN > > > > Can you help me where i can look for more information to troubleshoot ? > > > > Thank’s in advance. > > > > Martin C. > > > > > > > > > -- WBR Maxim aka solomax
RE: problem with LDAP (3.2.2)
We are using AS Windows 2012 By the way, i have already here a Openmeeting 3.0.3 that is connected successfully on the same AD De : Wentao Liu [mailto:cscmu...@aliyun.com] Envoyé : 3 mai 2017 00:21 À : Chamberland, Martin; 'user@openmeetings.apache.org' Objet : RE: problem with LDAP (3.2.2) Hi Martin, Could you please tell which LDAP server you used? MS AD or OpenLDAP, Apache Directory Server? Since the configuration is a little bit different among different servers.. Good luck! Wentao Sent from Mail<https://go.microsoft.com/fwlink/?LinkId=550986> for Windows 10 From: Chamberland, Martin<mailto:martin.chamberl...@fadq.qc.ca> Sent: Wednesday, 3 May 2017 2:06 AM To: 'user@openmeetings.apache.org'<mailto:user@openmeetings.apache.org> Subject: problem with LDAP (3.2.2) Hi, I configure ldap on openmeeting 3.2.2 (snapshot) I think i did it correctly from server side (ldap.cfg file) and from the web interface, but… I always receive this error message : ERROR 05-02 14:02:37.252 o.a.o.c.l.LdapLoginManagement:262 [http-nio-0.0.0.0-5080-exec-9] - Unexpected exception. org.apache.directory.api.ldap.model.exception.LdapInvalidDnException: ERR_04202 A value is missing on some RDN Can you help me where i can look for more information to troubleshoot ? Thank’s in advance. Martin C.
RE: problem with LDAP (3.2.2)
Hi Martin, Could you please tell which LDAP server you used? MS AD or OpenLDAP, Apache Directory Server? Since the configuration is a little bit different among different servers.. Good luck! Wentao Sent from Mail for Windows 10 From: Chamberland, Martin Sent: Wednesday, 3 May 2017 2:06 AM To: 'user@openmeetings.apache.org' Subject: problem with LDAP (3.2.2) Hi, I configure ldap on openmeeting 3.2.2 (snapshot) I think i did it correctly from server side (ldap.cfg file) and from the web interface, but… I always receive this error message : ERROR 05-02 14:02:37.252 o.a.o.c.l.LdapLoginManagement:262 [http-nio-0.0.0.0-5080-exec-9] - Unexpected exception. org.apache.directory.api.ldap.model.exception.LdapInvalidDnException: ERR_04202 A value is missing on some RDN Can you help me where i can look for more information to troubleshoot ? Thank’s in advance. Martin C.
Re: problem with LDAP (3.2.2)
Hello Martin, could you provide your ldap.cfg (maybe privately) According to error: "LdapInvalidDnException: ERR_04202 A value is missing on some RDN": DN parts of ldap.cfg is most interesting On Wed, May 3, 2017 at 1:06 AM, Chamberland, Martin < martin.chamberl...@fadq.qc.ca> wrote: > Hi, > > > > I configure ldap on openmeeting 3.2.2 (snapshot) > > > > I think i did it correctly from server side (ldap.cfg file) and from the > web interface, but… > > I always receive this error message : > > > > ERROR 05-02 14:02:37.252 o.a.o.c.l.LdapLoginManagement:262 > [http-nio-0.0.0.0-5080-exec-9] - Unexpected exception. > > org.apache.directory.api.ldap.model.exception.LdapInvalidDnException: > ERR_04202 A value is missing on some RDN > > > > Can you help me where i can look for more information to troubleshoot ? > > > > Thank’s in advance. > > > > Martin C. > > > > > > > -- WBR Maxim aka solomax
