There are so many new parameters, I don't know what to set them to ☹ For now, I get:

ERROR 05-03 09:16:01.333 o.a.o.c.l.LdapLoginManagement:257 [http-nio-0.0.0.0-5080-exec-10] - Not authenticated.

ldap_conn_host=ldapint1.fadq.qc
ldap_conn_port=389
ldap_conn_secure=false

# Login distinguished name (DN) for Authentication on LDAP Server - keep empty if not required
# Use full qualified LDAP DN
#ldap_admin_dn=CN=dummy,OU=Company,DC=medint,DC=local
ldap_admin_dn=cn=ldap,OU=Comptes de service,OU=Administration,DC=fadq,DC=qc

# Loginpass for Authentication on LDAP Server - keep empty if not required
ldap_passwd=********

# base to search for userdata(of user, that wants to login)
#ldap_search_base=OU=Company,DC=medint,DC=local
ldap_search_base=OU=Utilisateurs,DC=fadq,DC=qc

# Fieldnames (can differ between Ldap servers)
#ldap_search_query=(uid=%s)
ldap_search_query=userPrincipalName

# the scope of the search might be: OBJECT, ONELEVEL, SUBTREE
ldap_search_scope=ONELEVEL

# Ldap auth type(NONE, SEARCHANDBIND, SIMPLEBIND)
# When using SIMPLEBIND a simple bind is performed on the LDAP server to check user authentication
# When using NONE, the Ldap server is not used for authentication
ldap_auth_type=SIMPLEBIND

# userDN format, will be used to bind if ldap_auth_type=SIMPLEBIND
# might be used to get provisionningDn in case ldap_auth_type=NONE
ldap_userdn_format=uid=%s,OU=Company,DC=medint,DC=local

# Ldap provisioning type(NONE, AUTOCREATE, AUTOUPDATE)
ldap_provisionning=AUTOCREATE

# Ldap deref mode (never, searching, finding, always)
ldap_deref_mode=always

# Set this to 'true' if you want to use admin_dn to get user attributes
# If any other value is set, user_dn will be used
ldap_use_admin_to_get_attrs=true

# Ldap-password synchronization to OM DB
# Set this to 'true' if you want OM to synchronize the user Ldap-password to OM's internal DB
# If you want to disable the feature, set this to any other string.
# Default value is 'true'
#ldap_sync_password_to_om=true
ldap_sync_password_to_om=false

# Ldap group mode (NONE, ATTRIBUTE, QUERY)
# NONE means group associations will be ignored
# ATTRIBUTE means group associations will be taken from 'ldap_group_attr' attribute (M$ AD mode)
# QUERY means group associations will be taken as a result of 'ldap_group_query' query
ldap_group_mode=NONE
ldap_group_query=(&(memberUid=%s)(objectClass=posixGroup))

# Ldap user attributes mapping
# Set the following internal OM user attributes to their corresponding Ldap-attribute
ldap_user_attr_login=uid
ldap_user_attr_lastname=sn
ldap_user_attr_firstname=givenName
ldap_user_attr_mail=mail
ldap_user_attr_street=streetAddress
ldap_user_attr_additionalname=description
ldap_user_attr_fax=facsimileTelephoneNumber
ldap_user_attr_zip=postalCode
ldap_user_attr_country=co
ldap_user_attr_town=l
ldap_user_attr_phone=telephoneNumber
ldap_group_attr=memberOf

# optional, only absolute URLs make sense
#ldap_user_picture_uri=picture_uri

# optional
# the timezone has to match any timezone available in Java, otherwise the timezone defined in the value of
# the conf_key "default.timezone" in OpenMeetings "configurations" table
#ldap_user_timezone=timezone

# Ldap ignore upper/lower case, convert all input to lower case
ldap_use_lower_case=false

# Ldap import query, this query should retrieve all LDAP users
ldap_import_query=(objectClass=inetOrgPerson)

From: Maxim Solodovnik [mailto:[email protected]]
Sent: 3 May 2017 08:53
To: Openmeetings user-list
Subject: Re: problem with LDAP (3.2.2)

Parameters were updated, there are more of them
there is no need to specify DN in "weird" format: OU:Utilisateurs,DC:fadq,DC:qc
it should be specified as "normal" DN: OU=Utilisateurs,DC=fadq,DC=qc
please grab example config and update it with your credentials

On Wed, May 3, 2017 at 7:47 PM, Chamberland, Martin <[email protected]> wrote:

Exactly, I just copied it over the network.
I was sure the parameters are the same, they are not?

From: Maxim Solodovnik [mailto:[email protected]]
Sent: 3 May 2017 08:46
To: Openmeetings user-list
Subject: Re: problem with LDAP (3.2.2)

Additionally your config seems to be copied from OM 1.9 or so
I would suggest you to take example config and update it line by line with your server, port, password, etc.

On Wed, May 3, 2017 at 7:43 PM, Maxim Solodovnik <[email protected]> wrote:

Thanks for the configuration
you have specified ldap_auth_type=SIMPLEBIND but haven't specified ldap_userdn_format=...
additionally ldap_admin_dn doesn't look like DN
please check example config at [1] and set all required fields

[1] https://github.com/apache/openmeetings/blob/3.2.x/openmeetings-web/src/main/webapp/conf/om_ldap.cfg

On Wed, May 3, 2017 at 7:38 PM, Chamberland, Martin <[email protected]> wrote:

We are using AS Windows 2012
By the way, I already have an Openmeeting 3.0.3 here that is connected successfully to the same AD

From: Wentao Liu [mailto:[email protected]]
Sent: 3 May 2017 00:21
To: Chamberland, Martin; '[email protected]'
Subject: RE: problem with LDAP (3.2.2)

Hi Martin,

Could you please tell which LDAP server you used? MS AD or OpenLDAP, Apache Directory Server? Since the configuration is a little bit different among different servers.

Good luck!
Wentao

From: Chamberland, Martin
Sent: Wednesday, 3 May 2017 2:06 AM
To: '[email protected]'
Subject: problem with LDAP (3.2.2)

Hi,

I configured LDAP on openmeeting 3.2.2 (snapshot). I think I did it correctly from the server side (ldap.cfg file) and from the web interface, but…

I always receive this error message:

ERROR 05-02 14:02:37.252 o.a.o.c.l.LdapLoginManagement:262 [http-nio-0.0.0.0-5080-exec-9] - Unexpected exception.
org.apache.directory.api.ldap.model.exception.LdapInvalidDnException: ERR_04202 A value is missing on some RDN

Can you help me find where I can look for more information to troubleshoot?

Thanks in advance.

Martin C.

--
WBR
Maxim aka solomax
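
The points raised in this thread (DNs written as attr=value, a user DN format for SIMPLEBIND) can be checked before the server is restarted. The following is an added example, not code from the thread or from OpenMeetings: parse_cfg, domain_of and lint are hypothetical helper names, the DN check is a simplified RFC 4514 test, and it assumes ldap_conn_secure=false means the bind is sent without TLS.

```python
import re

# One RDN: attributeType=value (simplified RFC 4514: no escaped commas, no multi-valued RDNs).
RDN = re.compile(r"^\s*[A-Za-z][A-Za-z0-9-]*\s*=\s*[^=,]+$")
DN_KEYS = ("ldap_admin_dn", "ldap_search_base", "ldap_userdn_format")

def parse_cfg(text):
    """Parse key=value lines, skipping blank lines and '#' comments."""
    cfg = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, _, value = line.partition("=")
            cfg[key.strip()] = value.strip()
    return cfg

def domain_of(dn):
    """Lower-cased DC components of a DN, e.g. ['fadq', 'qc']."""
    return [v.strip().lower() for v in re.findall(r"(?i)\bDC\s*=\s*([^,]+)", dn)]

def lint(cfg):
    findings = []
    for key in DN_KEYS:
        value = cfg.get(key, "")
        if value and not all(RDN.match(part) for part in value.split(",")):
            findings.append(f"{key}: not a valid DN (expected attr=value,attr=value)")
    if cfg.get("ldap_auth_type") == "SIMPLEBIND":
        fmt = cfg.get("ldap_userdn_format", "")
        if "%s" not in fmt:
            findings.append("ldap_userdn_format: required for SIMPLEBIND, must contain %s")
        elif domain_of(fmt) != domain_of(cfg.get("ldap_search_base", "")):
            # Heuristic: a bind DN under another domain is usually a left-over sample value.
            findings.append("ldap_userdn_format: DC components differ from ldap_search_base")
    # Assumption: 'false' means no TLS, so a simple bind sends the password in cleartext.
    if cfg.get("ldap_conn_secure", "false").lower() != "true" and cfg.get("ldap_passwd"):
        findings.append("ldap_conn_secure: bind password is sent without TLS")
    return findings

# Constructed samples: the DN style quoted in the thread, and values from the posted config.
OLD_STYLE = "ldap_auth_type=SIMPLEBIND\nldap_search_base=OU:Utilisateurs,DC:fadq,DC:qc\n"
POSTED = """ldap_conn_secure=false
ldap_admin_dn=cn=ldap,OU=Comptes de service,OU=Administration,DC=fadq,DC=qc
ldap_passwd=********
ldap_search_base=OU=Utilisateurs,DC=fadq,DC=qc
ldap_auth_type=SIMPLEBIND
ldap_userdn_format=uid=%s,OU=Company,DC=medint,DC=local
"""
```

Calling lint(parse_cfg(POSTED)) returns one finding per problem; an empty list means none of these checks fired, not that the bind will succeed.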
