Well - you mentioned exactly what I have been wondering about!
Most companies split users and groups in several OUs (Organizational units). Can the JNDIStore search through the AD and fetch all users and groups, also how will that affect the performance?
I have an AD with several OU ready for testing, but I have not had the time to look into this deeper yet!
/jacob
----- Original Message ----- From: "John Gilbert" <[EMAIL PROTECTED]>
To: "Slide Users Mailing List" <[email protected]>; "Slide Users Mailing List" <[email protected]>
Sent: Friday, February 25, 2005 4:14 PM
Subject: RE: LDAP Connection Error
There isn't much to say. I just follow the instructions I found in the comment block of the source code and the postings to the user group. There was nothing too special for AD.
Here is a link to a posting by James Mason. http://cvs.apache.org/viewcvs.cgi/jakarta-slide/src/conf/webapp/JNDI-Domain.xml?rev=1.2&view=auto
I did have to play with the jndi.attributes.groupmemberset and jndi.search.filter settings settings.
Just use any old ldap browser to browse the schema.
One thing I have found is that AD admins seem to like spreading their groups and people around in the tree, instead of having a single people root and a single groups root. I don't think the JNDIPrincipalStore handles this case, but I didn't have time to test it thoroughly. It might have to do with the jndi.search.scope setting.
Also having the passwords in cleartext has been a battle.
________________________________
From: Jacob Lund [mailto:[EMAIL PROTECTED] Sent: Fri 2/25/2005 5:53 AM To: Slide Users Mailing List Subject: Re: LDAP Connection Error
Hi John!
I would like to create a Wiki on how to integrate slide with an AD!
Would you mind sharing your configuration of the JNDIPrincipalStore, realm and other experiences on this integration?
Thanks /Jacob
----- Original Message ----- From: "John Gilbert" <[EMAIL PROTECTED]> To: "Slide Users Mailing List" <[email protected]> Sent: Thursday, February 24, 2005 4:33 PM Subject: LDAP Connection Error
I am using the JNDIPrincipalStore to connect to Active Directory to retrieve Users and Roles. Everything works fine for a while.
Then it eventually gets a connection error and I have to restart the Slide war. I have several other applications connecting to the same
Active Directory instance and they are not experiencing any problems or may be they are handling the error and reconnecting automatically.
Has anyone had this problem?
Is the JNDIPrincipalStore supposed to gracefully reconnect? There is nothing for this in the code. Is this handled by the framework?
Thanks
John
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
