Hi Devs,
Still having problems with openfire and LDAP. Version: 4.4.0-
2011-01-20EST01:38:21 swift
I have a user with IM id ldap_test.
I am authenticating against Active Directory, using SAMAccountName as
the uid. Web authentication works.
When I try to authenticate using Pidgin I get this in the openfire debug logs:
2011.02.09 12:27:35 LdapManager: Starting LDAP search...
2011.02.09 12:27:36 LdapManager: ... search finished
2011.02.09 12:27:36 LdapManager: User DN based on username 'ldap_test'
not found.
2011.02.09 12:27:36 LdapManager: Exception thrown when searching for
userDN based on username 'ldap_test'
org.jivesoftware.openfire.user.UserNotFoundException: Username
ldap_test not found
at
org.jivesoftware.openfire.ldap.LdapManager.findUserDN(LdapManager.java:711)
at
org.jivesoftware.openfire.ldap.LdapManager.findUserDN(LdapManager.java:637)
at
org.jivesoftware.openfire.ldap.LdapAuthProvider.authenticate(LdapAuthProvider.java:112)
at
org.jivesoftware.openfire.auth.AuthFactory.authenticate(AuthFactory.java:158)
at
org.jivesoftware.openfire.net.XMPPCallbackHandler.handle(XMPPCallbackHandler.java:87)
at
org.jivesoftware.openfire.sasl.SaslServerPlainImpl.evaluateResponse(SaslServerPlainImpl.java:112)
at
org.jivesoftware.openfire.net.SASLAuthentication.handle(SASLAuthentication.java:245)
at
org.jivesoftware.openfire.net.StanzaHandler.process(StanzaHandler.java:161)
at
org.jivesoftware.openfire.nio.ConnectionHandler.messageReceived(ConnectionHandler.java:133)
at
org.apache.mina.common.support.AbstractIoFilterChain$TailFilter.messageReceived(AbstractIoFilterChain.java:570)
at
org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:299)
at
org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilterChain.java:53)
at
org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived(AbstractIoFilterChain.java:648)
at
org.apache.mina.common.IoFilterAdapter.messageReceived(IoFilterAdapter.java:80)
at
org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:299)
at
org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilterChain.java:53)
at
org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived(AbstractIoFilterChain.java:648)
at
org.apache.mina.filter.codec.support.SimpleProtocolDecoderOutput.flush(SimpleProtocolDecoderOutput.java:58)
at
org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecFilter.java:185)
at
org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:299)
at
org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilterChain.java:53)
at
org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived(AbstractIoFilterChain.java:648)
at
org.apache.mina.filter.executor.ExecutorFilter.processEvent(ExecutorFilter.java:239)
at
org.apache.mina.filter.executor.ExecutorFilter$ProcessEventsRunnable.run(ExecutorFilter.java:283)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
at
org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:51)
at java.lang.Thread.run(Thread.java:636)
The user shows up in the ofuser table:
openfire=# select username,name from ofuser where username='ldap_test';
username | name
----------+--------------
ldap_test | Kyle Haefner
Has anyone had any success getting openfire to auth against AD? I'm
convinced it is broken. I can set-up a new instance of openfire using
the embedded DB and it works against AD, but every time I try openfire
as configured by sipx it never works.
Some things I noticed about the sipx ofproperty database:
1. There is no setting for ldap.usernameField
2. There is no setting for ldap.searchFilter
My standalone install of openfire seems to need these.
Regards,
Kyle
_______________________________________________
sipx-dev mailing list
[email protected]
List Archive: http://list.sipfoundry.org/archive/sipx-dev/
