Created. http://track.sipfoundry.org/browse/XX-9432
On Fri, Feb 11, 2011 at 12:35 AM, Laurentiu Ceausescu <[email protected]> wrote: > On Thu, Feb 10, 2011 at 9:43 PM, Douglas Hubler > <[email protected]<mailto:[email protected]>> wrote: > *bump* > > (Laurentui, what do you think?) > > > ---------- Forwarded message ---------- > From: Kyle Haefner > <[email protected]<mailto:[email protected]>> > Date: Wed, Feb 9, 2011 at 2:37 PM > Subject: [sipx-dev] Openfire AD Not working Exception > To: sipx-dev > <[email protected]<mailto:[email protected]>> > > > Hi Devs, > > Still having problems with openfire and LDAP. Version: 4.4.0- > 2011-01-20EST01:38:21 swift > > I have a user with IM id ldap_test. > > I am authenticating against Active Directory, using SAMAccountName as > the uid. Web authentication works. > > When I try to authenticate using Pidgin I get this in the openfire debug logs: > > > 2011.02.09 12:27:35 LdapManager: Starting LDAP search... > 2011.02.09 12:27:36 LdapManager: ... search finished > 2011.02.09 12:27:36 LdapManager: User DN based on username 'ldap_test' > not found. > 2011.02.09 12:27:36 LdapManager: Exception thrown when searching for > userDN based on username 'ldap_test' > org.jivesoftware.openfire.user.UserNotFoundException: Username > ldap_test not found > at > org.jivesoftware.openfire.ldap.LdapManager.findUserDN(LdapManager.java:711) > at > org.jivesoftware.openfire.ldap.LdapManager.findUserDN(LdapManager.java:637) > at > org.jivesoftware.openfire.ldap.LdapAuthProvider.authenticate(LdapAuthProvider.java:112) > at > org.jivesoftware.openfire.auth.AuthFactory.authenticate(AuthFactory.java:158) > at > org.jivesoftware.openfire.net.XMPPCallbackHandler.handle(XMPPCallbackHandler.java:87) > at > org.jivesoftware.openfire.sasl.SaslServerPlainImpl.evaluateResponse(SaslServerPlainImpl.java:112) > at > org.jivesoftware.openfire.net.SASLAuthentication.handle(SASLAuthentication.java:245) > at > org.jivesoftware.openfire.net.StanzaHandler.process(StanzaHandler.java:161) > at > org.jivesoftware.openfire.nio.ConnectionHandler.messageReceived(ConnectionHandler.java:133) > at > org.apache.mina.common.support.AbstractIoFilterChain$TailFilter.messageReceived(AbstractIoFilterChain.java:570) > at > org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:299) > at > org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilterChain.java:53) > at > org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived(AbstractIoFilterChain.java:648) > at > org.apache.mina.common.IoFilterAdapter.messageReceived(IoFilterAdapter.java:80) > at > org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:299) > at > org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilterChain.java:53) > at > org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived(AbstractIoFilterChain.java:648) > at > org.apache.mina.filter.codec.support.SimpleProtocolDecoderOutput.flush(SimpleProtocolDecoderOutput.java:58) > at > org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecFilter.java:185) > at > org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:299) > at > org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilterChain.java:53) > at > org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived(AbstractIoFilterChain.java:648) > at > org.apache.mina.filter.executor.ExecutorFilter.processEvent(ExecutorFilter.java:239) > at > org.apache.mina.filter.executor.ExecutorFilter$ProcessEventsRunnable.run(ExecutorFilter.java:283) > at > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110) > at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603) > at > org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:51) > at java.lang.Thread.run(Thread.java:636) > > > The user shows up in the ofuser table: > openfire=# select username,name from ofuser where username='ldap_test'; > username | name > ----------+-------------- > ldap_test | Kyle Haefner > > Has anyone had any success getting openfire to auth against AD? I'm > convinced it is broken. I can set-up a new instance of openfire using > the embedded DB and it works against AD, but every time I try openfire > as configured by sipx it never works. > > Some things I noticed about the sipx ofproperty database: > > 1. There is no setting for ldap.usernameField > 2. There is no setting for ldap.searchFilter > > My standalone install of openfire seems to need these. > > > Please raise a JIRA issue and assign it to me. I've started to investigate it. > I'll add 'ldap.usernameField' and 'ldap.searchFilter' in openfire/ofproperty > table. > > Thanks, > Laurentiu > > _______________________________________________ sipx-dev mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-dev/
