Hi, I'm new to Tomcat and ADs. I'm trying to configure a JNDI realm (Tomcat 4.1.17 on IBM AS/400) to authenticate to Active Directory(microsoft on a server). I've found a couple of brief examples to follow, but don't understand the nomenclature well enough to make mine work on our installation. I saw on one webpage that I may need an LDAP driver. However, I thought that was what ADserver accomplished.(?) I followed this example: http://www.java-internals.com/code/jndi_realm.html <http://www.java-internals.com/code/jndi_realm.html>
This is my code (with altered user-id, password, and ip address): <Realm className="org.apache.catalina.realm.JNDIRealm" debug="99" connectionURL="ldap://19.999.9.9:389"; userBase="CN=Users,dc=Lubbock,dc=isd" userSearch="(userPrincipalName={0})" userRoleName="member" roleBase="CN=Users,dc=Lubbock,dc=isd" roleName="cn" roleSearch="(member={0})" connectionName="CN=TomcatUserId,DC=lubbock,DC=isd" connectionPassword="TomcatPassword" roleSubtree="true" userSubtree="true"/> This is the error I get: javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C09030B, comment: AcceptSecurityContext error, data 525, v893 I can't figure out if we have a "Users" item. The guys in charge of our ADs can't tell me its properties. It's new to them. They showed me a script they used to populate it. under the column labled objectCategory, the entry is: CN=Person,CN=Schema,CN=Configuration,DC=lubbock,DC=isd under the column labled objectClass the entry is: user The other column headings are: DN distinguished name name cn descrioption displayNmae mail givenName sAMAccountName sn userAccountControl userPrincipalName homeDirectory homeDrive Under the column labled DN and under the column labled distinguishedName the entry is the same: CN=John Doe, OU=CO,DC=lubbock,DC=isd The AD support guys told me that OU=CO means Organizational Unit = Central office. I want to be able to search across all OU's. Any help or suggestions would be greatly appreciated. Thanks, Robyne K. Vaughn Programmer/Analyst Lubbock ISD 1628 19th St Lubbock, TX 79401 806-766-1119
