Actually you better test with LDAPExplorer to ensure userdn format is
correct
to be fair I was unable to set up userdn and use SIMPLEBIND.

I usually using SEARCHANDBIND

your error: 0000208D: NameErr: DSID-0310020A, problem 2001 (NO_OBJECT),
data 0, best match of: 'DC=intranet,DC=Company,DC=com'
might be caused by too specific search query: ldap_search_query=(&(
objectCategory=person)(objectClass=person)(sAMAccountName=%1$s))
I would start with more generic one: ldap_search_query=(sAMAccountName=%s)


On Thu, Dec 4, 2014 at 1:04 PM, Ian <[email protected]> wrote:

>  Thanks Maxim.  Apparently when I use SEARCHANDBIND, ldap_userdn_format
> is not used (at least I don't see it being passed in clear text with
> tcpdump).
> I switched it back to SIMPLEBIND and I see the ldap_userdn_format being
> passed, but now I'm getting a different error:
>
> LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e,
> v1db1.
>
> Maybe what I'll do is sniff the traffic of OpenFire and see how it is
> passing things to the server and try to mimic that.
>
> On 12/3/2014 10:51 PM, Maxim Solodovnik wrote:
>
> I guess you need to set
> ldap_auth_type=SIMPLEBIND
>  ldap_userdn_format=sAMAccountName=%s,OU=Company,DC=medint,DC=local
>
>
>  I would start with
> ldap_admin_dn=CN=dummy,OU=Company,DC=medint,DC=local
>  ldap_passwd=dummy07
>  ldap_search_base=OU=Company,DC=medint,DC=local
>  ldap_search_query=(sAMAccountName=%s)
>  ldap_auth_type=SEARCHANDBIND
>
>
>
> On Thu, Dec 4, 2014 at 12:24 PM, Ian <[email protected]> wrote:
>
>>  According to the docs here:
>> http://openmeetings.apache.org/LdapAndADS.html
>>
>> "In: $RED5_HOME/webapps/openmeetings/conf you will find sample
>> configurations for LDAP and Active Directory."
>>
>> However, I only see an example configuration file for ldap, not AD.  Have
>> the two been merged in 3.x?  When searching for the AD example file in
>> Google, I'm finding examples, but the posts are all dated 2011 or earlier
>> and the settings are vastly different than those in the example LDAP
>> configuration file.
>>
>> I've got AD working correctly with other open source projects (OpenFire),
>> so I have some clue as to how to set things up, however, I don't see an
>> option to set the username field to sAMAccountName, and I'm confused about
>> what I need to set ldap_userdn_format to.
>>
>
>
>
>  --
> WBR
> Maxim aka solomax
>
>
>


-- 
WBR
Maxim aka solomax

Reply via email to