dn: ou=system
objectClass: organizationalUnit
objectClass: top
ou: system
userPassword:: e21kNX1JU012S1hwWHBhZERpVW9PU29BZnd3PT0=

dn: uid=admin,ou=system
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top
cn: system administrator
displayName: Directory Superuser
sn: administrator
uid: admin
userPassword:: c2VjcmV0

dn: ou=users,ou=system
objectClass: organizationalUnit
objectClass: top
ou: users

dn: uid=system,ou=users,ou=system
objectclass: inetOrgPerson
objectclass: organizationalPerson
objectclass: person
objectclass: top
cn: John Doe
facsimiletelephonenumber: +1 408 555 5556
givenname: John
l: Las Vegas
mail: [EMAIL PROTECTED]
ou: People
ou: Human Resources
roomnumber: 4613
sn: Doe
telephonenumber: +1 408 555 5555
uid: system
userPassword:: bWFuYWdlcg==

dn: uid=user1,ou=users,ou=system
objectclass: inetOrgPerson
objectclass: organizationalPerson
objectclass: person
objectclass: top
cn: User
facsimiletelephonenumber: +1 408 555 5556
givenname: User1
l: Las Vegas
mail: [EMAIL PROTECTED]
ou: People
ou: Human Resources
roomnumber: 4613
sn: One
telephonenumber: +1 408 555 5555
uid: user1
userPassword:: dXNlcjE=

dn: uid=user2,ou=users,ou=system
objectclass: inetOrgPerson
objectclass: organizationalPerson
objectclass: person
objectclass: top
cn: User
facsimiletelephonenumber: +1 408 555 5556
givenname: User2
l: Las Vegas
mail: [EMAIL PROTECTED]
ou: People
ou: Human Resources
roomnumber: 4613
sn: Two
telephonenumber: +1 408 555 5555
uid: user2
userPassword:: dXNlcjI=

dn: uid=admin,ou=users,ou=system
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
cn: admin
sn: admin
uid: admin
userPassword:: YWRtaW4=

dn: uid=user3,ou=users,ou=system
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
cn: user3
sn: user3
uid: user3
userPassword:: dXNlcjM=

dn: uid=user4,ou=users,ou=system
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
cn: user4
sn: user4
uid: user4
userPassword:: dXNlcjQ=

dn: uid=phani1,ou=users,ou=system
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
cn: phani1
sn: phani1
uid: phani1
userPassword:: cGhhbmkx

dn: uid=balaji1,ou=users,ou=system
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
cn: balaji1
sn: balaji1
uid: balaji1
userPassword:: e21kNX1wRWdLL2ZSODZXQmlPU1FZYmdFQUpBPT0=

dn: uid=balaji2,ou=users,ou=system
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
cn: balaji2
sn: balaji2
uid: balaji2
userPassword:: e21kNX1zdXNnSkwybWx0V0ZrZlpWWjk3WnBBPT0=

dn: ou=groups,ou=system
objectClass: organizationalUnit
objectClass: top
ou: groups

dn: cn=admin,ou=groups,ou=system
objectClass: groupOfUniqueNames
cn: admin
uniqueMember: uid=system,ou=users,ou=system

dn: cn=guest,ou=groups,ou=system
objectClass: groupOfUniqueNames
cn: guest
uniqueMember: uid=user2,ou=users,ou=system
uniqueMember: uid=user1,ou=users,ou=system

dn: ou=configuration,ou=system
objectClass: organizationalUnit
objectClass: top
ou: configuration

dn: ou=partitions,ou=configuration,ou=system
objectClass: organizationalUnit
objectClass: top
ou: partitions

dn: ou=services,ou=configuration,ou=system
objectClass: organizationalUnit
objectClass: top
ou: services

dn: ou=interceptors,ou=configuration,ou=system
objectClass: organizationalUnit
objectClass: top
ou: interceptors

dn: prefNodeName=sysPrefRoot,ou=system
objectClass: extensibleObject
prefNodeName: sysPrefRoot

dn: uid=phani-users,ou=system
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
cn: user1
sn: user1
uid: phani-users

Hi Phani,
Can you export an LDIF so we can see your LDAP conf? I think the problem may be there.
So far I have been able to add new users and alter the groups with my other LDAP client. Jxplorer is
giving me some problems while importing/updating from LDIFs.
Can you summarize the steps you do for adding the user?
Cheers!
Hernan
Phani Madgula wrote:
> Hi Hernan,
>
> I am using AG1.0. I tried with other LDAP clients.
> I observed that some clients store passwords in SHA by default.
> The authentication is failing in either case [MD5 or SHA]
>
> Thanks
> phani
>
>
> On 1/25/06, *Hernan Cunico* <[EMAIL PROTECTED]> wrote:
>
> Hi Phani,
> So far I am only getting this error while using Jxplorer. What other
> client have you tried?
>
> Cheers!
> Hernan
>
> Hernan Cunico wrote:
> >
> >> Hi Phani,
> >> Sorry for the delay in the reply. I am having some issues too while
> >> validating the user.
> >> Maybe you already replied to this in a previous note, but what version
> >> of Geronimo are you using?
> >>
> >> Cheers!
> >> Hernan
> >>
> >> Phani Madgula wrote:
> >>
> >>> Hi Hernan,
> >>>
> >>> Thanks for the link. It is quite helpful & informative.
> >>>
> >>> I did similar operations, as specified in my previous mail, by
> >>> deploying the sample application given in the article. I added a new
> >>> user user3/pass123 in "ou=users, ou=system" in Directory server, and
> >>> in geronimo-web.xml I added the user3 in role mappings
> >>>
> >>> <role-mappings>
> >>>   <role role-name="content-administrator">
> >>>     <realm realm-name="ldap-realm">
> >>>       <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal"
> >>>                  name="admin" designated-run-as="true"/>
> >>>       <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"
> >>>                  name="system"/>
> >>>       <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"
> >>>                  name="user3"/>
> >>>     </realm>
> >>>   </role>
> >>>
> >>>   <role role-name="guest">
> >>>     <realm realm-name="ldap-realm">
> >>>       <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal"
> >>>                  name="guest" designated-run-as="true"/>
> >>>       <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"
> >>>                  name="user1"/>
> >>>       <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"
> >>>                  name="user2"/>
> >>>     </realm>
> >>>   </role>
> >>> </role-mappings>
> >>>
> >>> I used Jxplorer LDAP client to create the new user user3. When I
> >>> provide password in PLAIN format which uses BASE64 encoding through
> >>> LDAP client, the application is authenticating successfully. When I
> >>> store it in MD5, the authentication is failing for user3.
> >>>
> >>> Any issue while using MD5 ?
> >>>
> >>> thanks
> >>> phani
> >>>
> >>> On 1/21/06, *Hernan Cunico* <[EMAIL PROTECTED]> wrote:
> >>>
> >>> Hi Phani,
> >>> Here is an article that may help you configure LDAP
> >>>
> >>> http://opensource2.atlassian.com/confluence/oss/display/GERONIMO/Configuring+LDAP
> >>>
> >>> Cheers!
> >>> Hernan
> >>>
> >>> Phani Madgula wrote:
> >>> > Hi
> >>> >
> >>> > I am facing a problem while connecting to LDAP server from an
> >>> > LDAP client.
> >>> > I have installed Softerra LDAP browser and tried to connect to LDAP
> >>> > server running on Geronimo.
> >>> >
> >>> > I always get "Can not connect to the LDAP server : ERROR 91".
> >>> >
> >>> > Any solution?
> >>> >
> >>> > thanks
> >>> > phani
> >>>
> >>>
> >>
> >
>
>
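
Added example, not part of the original thread and not Geronimo's code: the exported userPassword values decode either to a bare string or to a "{md5}" prefix followed by a base64 digest, so this sketch audits which scheme each entry uses and contrasts a scheme-aware check with a cleartext-only comparison, which accepts plain entries and rejects hashed ones. All function names and the sample entries are hypothetical; it assumes the "{SCHEME}base64(digest)" layout and unfolded LDIF lines.

```python
import base64, hashlib, hmac, re

SCHEME = re.compile(rb"\{([A-Za-z0-9-]+)\}(.*)", re.S)
HASHES = {"md5": hashlib.md5, "sha": hashlib.sha1}  # unsalted, legacy schemes

def split_scheme(stored: bytes):
    """Return (scheme, payload); scheme is None when the value is cleartext."""
    m = SCHEME.fullmatch(stored)
    return (m.group(1).decode().lower(), m.group(2)) if m else (None, stored)

def make_value(scheme: str, password: str) -> bytes:
    """Build '{SCHEME}' + base64(digest(password)), as a hashing client would."""
    digest = HASHES[scheme](password.encode()).digest()
    return b"{" + scheme.upper().encode() + b"}" + base64.b64encode(digest)

def verify(stored: bytes, candidate: str) -> bool:
    """Scheme-aware check: hash the candidate the same way, then compare."""
    scheme, payload = split_scheme(stored)
    if scheme is None:
        return hmac.compare_digest(payload, candidate.encode())
    if scheme not in HASHES:
        return False  # unknown scheme: fail closed
    try:
        expected = base64.b64decode(payload, validate=True)
    except ValueError:
        return False
    return hmac.compare_digest(expected, HASHES[scheme](candidate.encode()).digest())

def naive_verify(stored: bytes, candidate: str) -> bool:
    """Treats every stored value as cleartext; only matches unhashed entries."""
    return stored == candidate.encode()

def audit_ldif(text: str) -> dict:
    """Map each dn to its password storage scheme without revealing the value."""
    report, dn = {}, None
    for line in text.splitlines():
        if line.lower().startswith("dn:"):
            dn = line[3:].strip()
        elif line.lower().startswith("userpassword:") and dn:
            raw = line[len("userpassword:"):]
            value = base64.b64decode(raw[1:].strip()) if raw.startswith(":") else raw.strip().encode()
            report[dn] = split_scheme(value)[0] or "cleartext"
    return report

# Constructed sample (hypothetical entries and passwords, not the thread's data).
SAMPLE = "\n".join([
    "dn: uid=alice,ou=users,ou=system",
    "userPassword:: " + base64.b64encode(b"alice-pw").decode(),
    "",
    "dn: uid=bob,ou=users,ou=system",
    "userPassword:: " + base64.b64encode(make_value("md5", "bob-pw")).decode(),
])
```

Running audit_ldif over an export flags every entry still stored as cleartext, which is the first thing to fix before relying on any hashed scheme.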
