Trying to integrate Openmeeting with 2012R2 AD
# # Licensed to the Apache Software Foundation (ASF) under one # or more contributor license agreements. See the NOTICE file # distributed with this work for additional information # regarding copyright ownership. The ASF licenses this file # to you under the Apache License, Version 2.0 (the # "License"); you may not use this file except in compliance # with the License. You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, # software distributed under the License is distributed on an # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY # KIND, either express or implied. See the License for the # specific language governing permissions and limitations # under the License. # #ConfigurationFile for LDAP Auth #ConfigKey 'ldap_config_path' must be set in DataBase Configration of OM and point to this file #o.becherer,14.01.2009 #LDAP URL # This is the URL used to access your LDAP server. # if you want to use "ldaps://" links, please be aware that you need to import your CA certificate # to a java keystore and add the -Djavax.net.ssl.keyStore, -Djavax.net.ssl.keyStorePassword, # -Djavax.net.ssl.trustStore and -Djavax.net.ssl.trustStorePassword parameters to your # JAVA_OPT environment ldap_conn_host=192.168.206.12 ldap_conn_port=389 ldap_conn_secure=false # Login distinguished name (DN) for Authentication on LDAP Server - keep empty if not required # Use full qualified LDAP DN ldap_admin_dn=CN=ldap-bruger3,OU=ServiceAccounts,OU=company,DC=ad,DC=company,DC=dk # Loginpass for Authentication on LDAP Server - keep empty if not required ldap_passwd=XXX # base to search for userdata(of user, that wants to login) ldap_search_base=OU=Brugere,OU=company,DC=ad,DC=company,DC=dk # Fieldnames (can differ between Ldap servers) ldap_search_query=(uid=%s) # the scope of the search might be: OBJECT, ONELEVEL, SUBTREE ldap_search_scope=SUBTREE # Ldap auth type(NONE, SEARCHANDBIND, SIMPLEBIND) # When using SIMPLEBIND a simple bind is performed on the LDAP server to check user authentication # When using NONE, the Ldap server is not used for authentication ldap_auth_type=SEARCHANDBIND # userDN format, will be used to bind if ldap_auth_type=SIMPLEBIND # might be used to get provisionningDn in case ldap_auth_type=NONE ldap_userdn_format=uid=%s,OU=Company,DC=medint,DC=local # Ldap provisioning type(NONE, AUTOCREATE, AUTOUPDATE) ldap_provisionning=AUTOCREATE # Ldap deref mode (never, searching, finding, always) ldap_deref_mode=always # Set this to 'true' if you want to use admin_dn to get user attributes # If any other value is set, user_dn will be used ldap_use_admin_to_get_attrs=false # Ldap-password synchronization to OM DB # Set this to 'true' if you want OM to synchronize the user Ldap-password to OM's internal DB # If you want to disable the feature, set this to any other string. # Defautl value is 'true' ldap_sync_password_to_om=false # Ldap group mode (NONE, ATTRIBUTE, QUERY) # NONE means group associations will be ignored # ATTRIBUTE means group associations will be taken from 'ldap_group_attr' attribute (M$ AD mode) # QUERY means group associations will be taken as a result of 'ldap_group_query' query ldap_group_mode=NONE ldap_group_query=(&(memberUid=%s)(objectClass=posixGroup)) Login windows reports with red ink "Invalid Password" Where does Openmeeting log more detailed information? My om_ldap.cfg looks like this (if anyone can find something weird): # Ldap user attributes mapping # Set the following internal OM user attributes to their corresponding Ldap-attribute ldap_user_attr_lastname=sn ldap_user_attr_firstname=givenName ldap_user_attr_mail=mail ldap_user_attr_street=streetAddress ldap_user_attr_additionalname=description ldap_user_attr_fax=facsimileTelephoneNumber ldap_user_attr_zip=postalCode ldap_user_attr_country=co ldap_user_attr_town=l ldap_user_attr_phone=telephoneNumber ldap_group_attr=memberOf # optional, only absolute URLs make sense #ldap_user_picture_uri=picture_uri # optional # the timezone has to match any timezone available in Java, otherwise the timezone defined in the value of # the conf_key "default.timezone" in OpenMeetings "configurations" table #ldap_user_timezone=timezone # Ldap ignore upper/lower case, convert all input to lower case ldap_use_lower_case=false
