Good day. I've succeeded in setting up the JNDIRealm to connect and authenticate to AD (Active Directory) if the exact context (tree path) to the user element is known. I just set the userBase to that exact context. E.g. userBase="ou=Office1,dc=Company,dc=net"
However, I'm having trouble setting up JNDIRealm to connect to AD *IF* you don't know the exact context to a user element, but need to search through a couple of subtrees to locate it. Thus, the system need to authenticate users that could be under any subtree laying below "dc=Company,dc=net" I thought that I'd just specify the userBase in the JNDIRealm as: userBase="dc=Company,dc=net" but this generate the exception: javax.naming.PartialResultException: Unprocessed Continuation Reference(s); remaining name 'dc=Company,dc=net' It seems, the way to do multiple subtree searches in JNDI is by means of "Referrals". (http://java.sun.com/products/jndi/tutorial/ldap/referral/jndi.html) but this does not work for AD. In AD you use a "Global Catalog" to do subtree (forest) searches. Now the question: Does anybody know if you can do "Global Catalog" searches via JNDI? And if not, is there another way to solve this problem? Thanks in advance carel-j --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
