I guess no one can log in to your LDAP using the following DN:

*ldap_userdn_format=uid=%s,OU=Company,DC=medint,DC=local*

*%s* will be changed with the user-provided login.

Are you sure you need "SIMPLEBIND"? In this mode the DN is constructed using the pattern provided.
Maybe you need SEARCHANDBIND, so the user will be searched using your admin DN and search base?

On Wed, May 3, 2017 at 8:18 PM, Chamberland, Martin <[email protected]> wrote:

> There are so many new parameters, I don’t know what to set :(
>
> From now, I get:
>
> ERROR 05-03 09:16:01.333 o.a.o.c.l.LdapLoginManagement:257 [http-nio-0.0.0.0-5080-exec-10] - Not authenticated.
>
> ldap_conn_host=ldapint1.fadq.qc
> ldap_conn_port=389
> ldap_conn_secure=false
>
> # Login distinguished name (DN) for Authentication on LDAP Server - keep empty if not required
> # Use full qualified LDAP DN
> #ldap_admin_dn=CN=dummy,OU=Company,DC=medint,DC=local
> ldap_admin_dn=cn=ldap,OU=Comptes de service,OU=Administration,DC=fadq,DC=qc
>
> # Loginpass for Authentication on LDAP Server - keep empty if not required
> ldap_passwd=********
>
> # base to search for userdata(of user, that wants to login)
> #ldap_search_base=OU=Company,DC=medint,DC=local
> ldap_search_base=OU=Utilisateurs,DC=fadq,DC=qc
>
> # Fieldnames (can differ between Ldap servers)
> #ldap_search_query=(uid=%s)
> ldap_search_query=userPrincipalName
>
> # the scope of the search might be: OBJECT, ONELEVEL, SUBTREE
> ldap_search_scope=ONELEVEL
>
> # Ldap auth type(NONE, SEARCHANDBIND, SIMPLEBIND)
> # When using SIMPLEBIND a simple bind is performed on the LDAP server to check user authentication
> # When using NONE, the Ldap server is not used for authentication
> ldap_auth_type=SIMPLEBIND
>
> # userDN format, will be used to bind if ldap_auth_type=SIMPLEBIND
> # might be used to get provisionningDn in case ldap_auth_type=NONE
> *ldap_userdn_format=uid=%s,OU=Company,DC=medint,DC=local*
>
> # Ldap provisioning type(NONE, AUTOCREATE, AUTOUPDATE)
> ldap_provisionning=AUTOCREATE
>
> # Ldap deref mode (never, searching, finding, always)
> ldap_deref_mode=always
>
> # Set this to 'true' if you want to use admin_dn to get user attributes
> # If any other value is set, user_dn will be used
> ldap_use_admin_to_get_attrs=true
>
> # Ldap-password synchronization to OM DB
> # Set this to 'true' if you want OM to synchronize the user Ldap-password to OM's internal DB
> # If you want to disable the feature, set this to any other string.
> # Default value is 'true'
> #ldap_sync_password_to_om=true
> ldap_sync_password_to_om=false
>
> # Ldap group mode (NONE, ATTRIBUTE, QUERY)
> # NONE means group associations will be ignored
> # ATTRIBUTE means group associations will be taken from 'ldap_group_attr' attribute (M$ AD mode)
> # QUERY means group associations will be taken as a result of 'ldap_group_query' query
> ldap_group_mode=NONE
>
> ldap_group_query=(&(memberUid=%s)(objectClass=posixGroup))
>
> # Ldap user attributes mapping
> # Set the following internal OM user attributes to their corresponding Ldap-attribute
> ldap_user_attr_login=uid
> ldap_user_attr_lastname=sn
> ldap_user_attr_firstname=givenName
> ldap_user_attr_mail=mail
> ldap_user_attr_street=streetAddress
> ldap_user_attr_additionalname=description
> ldap_user_attr_fax=facsimileTelephoneNumber
> ldap_user_attr_zip=postalCode
> ldap_user_attr_country=co
> ldap_user_attr_town=l
> ldap_user_attr_phone=telephoneNumber
> ldap_group_attr=memberOf
>
> # optional, only absolute URLs make sense
> #ldap_user_picture_uri=picture_uri
>
> # optional
> # the timezone has to match any timezone available in Java, otherwise the timezone defined in the value of
> # the conf_key "default.timezone" in OpenMeetings "configurations" table
> #ldap_user_timezone=timezone
>
> # Ldap ignore upper/lower case, convert all input to lower case
> ldap_use_lower_case=false
>
> # Ldap import query, this query should retrieve all LDAP users
> ldap_import_query=(objectClass=inetOrgPerson)
>
> *From:* Maxim Solodovnik [mailto:[email protected]]
> *Sent:* May 3, 2017 08:53
> *To:* Openmeetings user-list
> *Subject:* Re: problem with LDAP (3.2.2)
>
> Parameters were updated,
> there are more of them
> there is no need to specify DN in "weird" format:
> OU:Utilisateurs,DC:fadq,DC:qc
> it should be specified as "normal" DN:
> OU=Utilisateurs,DC=fadq,DC=qc
>
> please grab example config and update it with your credentials
>
> On Wed, May 3, 2017 at 7:47 PM, Chamberland, Martin <[email protected]> wrote:
>
> Exactly, I just copy over network.
> I was sure parameters are the same, they are not?
>
> *From:* Maxim Solodovnik [mailto:[email protected]]
> *Sent:* May 3, 2017 08:46
> *To:* Openmeetings user-list
> *Subject:* Re: problem with LDAP (3.2.2)
>
> Additionally your config seems to be copied from OM 1.9 or so
> I would suggest you to take example config and update it line by line with your server, port, password, etc.
>
> On Wed, May 3, 2017 at 7:43 PM, Maxim Solodovnik <[email protected]> wrote:
>
> Thanks for the configuration
>
> you have specified
> ldap_auth_type=SIMPLEBIND
>
> but haven't specified
> ldap_userdn_format=...
>
> additionally ldap_admin_dn doesn't look like DN
>
> please check example config at [1]
> and set all required fields
>
> [1] https://github.com/apache/openmeetings/blob/3.2.x/openmeetings-web/src/main/webapp/conf/om_ldap.cfg
>
> On Wed, May 3, 2017 at 7:38 PM, Chamberland, Martin <[email protected]> wrote:
>
> We are using AS Windows 2012
>
> By the way, I have already here a Openmeeting 3.0.3 that is connected successfully on the same AD
>
> *From:* Wentao Liu [mailto:[email protected]]
> *Sent:* May 3, 2017 00:21
> *To:* Chamberland, Martin; '[email protected]'
> *Subject:* RE: problem with LDAP (3.2.2)
>
> Hi Martin,
>
> Could you please tell which LDAP server you used? MS AD or OpenLDAP, Apache Directory Server?
>
> Since the configuration is a little bit different among different servers..
>
> Good luck!
>
> Wentao
>
> *From:* Chamberland, Martin <[email protected]>
> *Sent:* Wednesday, 3 May 2017 2:06 AM
> *To:* '[email protected]' <[email protected]>
> *Subject:* problem with LDAP (3.2.2)
>
> Hi,
>
> I configure ldap on openmeeting 3.2.2 (snapshot)
>
> I think I did it correctly from server side (ldap.cfg file) and from the web interface, but…
> I always receive this error message:
>
> ERROR 05-02 14:02:37.252 o.a.o.c.l.LdapLoginManagement:262 [http-nio-0.0.0.0-5080-exec-9] - Unexpected exception.
> org.apache.directory.api.ldap.model.exception.LdapInvalidDnException: ERR_04202 A value is missing on some RDN
>
> Can you help me where I can look for more information to troubleshoot?
>
> Thanks in advance.
>
> Martin C.

--
WBR
Maxim aka solomax
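
The problems pointed out in this thread (a DN written with ":" instead of "=", SIMPLEBIND without a usable ldap_userdn_format, a userDN pattern still carrying the example suffix) can be caught before deployment with a small lint over an om_ldap.cfg-style file. This is an added example, not part of the original thread and not OpenMeetings code; the filter-shape and TLS checks rest on the assumptions marked in the comments, and the sample config is constructed from values quoted above.

```python
import re
DN_KEYS = ("ldap_admin_dn", "ldap_search_base", "ldap_userdn_format")  # DN-valued keys

def parse_cfg(text):
    """Parse key=value lines, skipping blank lines and # comments."""
    lines = (l.strip() for l in text.splitlines())
    pairs = (l.split("=", 1) for l in lines if "=" in l and not l.startswith("#"))
    return {k.strip(): v.strip() for k, v in pairs}

def bad_rdns(dn):
    """Return RDNs not shaped attr=value (simplified: no multi-valued '+' RDNs)."""
    parts = [p.strip() for p in re.split(r"(?<!\\),", dn)]
    return [p for p in parts if not re.fullmatch(r"[A-Za-z][A-Za-z0-9.-]*\s*=\s*\S.*", p)]

def domain(dn):
    """Lower-cased DC components, used to compare directory suffixes."""
    return [v.strip().lower() for v in re.findall(r"\bDC\s*=\s*([^,]+)", dn, re.I)]

def lint(cfg):
    findings = [f"{k}: malformed RDN(s) {bad_rdns(cfg[k])}"
                for k in DN_KEYS if cfg.get(k) and bad_rdns(cfg[k])]
    fmt, base = cfg.get("ldap_userdn_format", ""), cfg.get("ldap_search_base", "")
    if cfg.get("ldap_auth_type") == "SIMPLEBIND":
        if "%s" not in fmt:  # SIMPLEBIND binds as the DN built from this pattern
            findings.append("ldap_userdn_format: SIMPLEBIND needs a DN pattern containing %s")
        elif domain(base) and domain(fmt) != domain(base):
            findings.append("ldap_userdn_format: DC suffix differs from ldap_search_base")
    query = cfg.get("ldap_search_query", "")
    # Assumption: the value must be a filter shaped like the commented default (uid=%s).
    if query and not re.fullmatch(r"\(.*%s.*\)", query):
        findings.append("ldap_search_query: expected a filter such as (uid=%s)")
    # Assumption: ldap_conn_secure=false means plain LDAP without TLS.
    if cfg.get("ldap_conn_secure") == "false" and cfg.get("ldap_passwd"):
        findings.append("ldap_conn_secure: bind password crosses the network unencrypted")
    return findings

# Constructed sample assembled from values quoted in the thread; the password is made up.
SAMPLE = """
ldap_conn_secure=false
ldap_admin_dn=cn=ldap,OU=Comptes de service,OU=Administration,DC=fadq,DC=qc
ldap_passwd=example-password
ldap_search_base=OU:Utilisateurs,DC:fadq,DC:qc
ldap_search_query=userPrincipalName
ldap_auth_type=SIMPLEBIND
ldap_userdn_format=uid=%s,OU=Company,DC=medint,DC=local
"""

if __name__ == "__main__":
    print("\n".join(lint(parse_cfg(SAMPLE))))
```

The suffix comparison only runs once ldap_search_base parses as a DN, so fixing the ":" separators in the sample surfaces the leftover DC=medint,DC=local pattern as the next finding.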
