Also having LDAP issues:
It seems not to work.
Below is the om_ldap.cfg, that is used in the config file:
DEBUG 03-30 08:42:26.213 o.a.o.s.q.s.ReminderJob:93 [Bean#0_Worker-3] - Rss disabled by Admin
DEBUG 03-30 08:52:26.214 o.a.o.s.q.s.ReminderJob:93 [Bean#0_Worker-8] - Rss disabled by Admin
DEBUG 03-30 09:02:26.214 o.a.o.s.q.s.ReminderJob:93 [Bean#0_Worker-5] - Rss disabled by Admin
DEBUG 03-30 09:11:36.412 o.a.o.d.d.s.LdapConfigDao:69 [io-5443-exec-10] - getActiveLdapConfigs
DEBUG 03-30 09:11:36.517 o.a.o.d.d.s.LdapConfigDao:69 [nio-5443-exec-2] - getActiveLdapConfigs
DEBUG 03-30 09:12:13.115 o.a.o.c.l.LdapLoginManager:172 [nio-5443-exec-2] - LdapLoginmanager.doLdapLogin
ERROR 03-30 09:12:13.129 o.a.o.c.l.LdapLoginManager:226 [nio-5443-exec-2] - Not authenticated.
org.apache.directory.api.ldap.model.exception.LdapAuthenticationException: 80090308: LdapErr: DSID-0C090442, comment: AcceptSecurityContext error, data 52e, v3839
    at org.apache.directory.api.ldap.model.message.ResultCodeEnum.processResponse(ResultCodeEnum.java:1995)
What does the LdapLoginManager message mean: was the query user not able to
connect, or was the end user's password wrong?
How can I make visible what the query for the user is?
It should be in the form [email protected]; maybe the
mapping is just wrong.
This is the modified
ldap_conn_host=DESVR-DC01.firma.de
ldap_conn_port=389
ldap_conn_secure=false
# Login distinguished name (DN) for Authentication on LDAP Server - keep empty if not required
# Use full qualified LDAP DN
ldap_admin_dn=CN=ldapopenmeetings,OU=Users-Service-Accounts,DC=firma,DC=de
# Loginpass for Authentication on LDAP Server - keep empty if not required
ldap_passwd=#password#
# base to search for userdata(of user, that wants to login)
ldap_search_base=CN=Users,DC=firma,DC=de
# Fieldnames (can differ between Ldap servers)
ldap_search_query=(uid=%s)
# the scope of the search might be: OBJECT, ONELEVEL, SUBTREE
ldap_search_scope=SUBTREE
# Ldap auth type(NONE, SEARCHANDBIND, SIMPLEBIND)
# When using SIMPLEBIND a simple bind is performed on the LDAP server to check user authentication
# When using NONE, the Ldap server is not used for authentication
ldap_auth_type=SIMPLEBIND
# userDN format, will be used to bind if ldap_auth_type=SIMPLEBIND
# might be used to get provisionningDn in case ldap_auth_type=NONE
ldap_userdn_format=uid=%s,CN=Users,DC=firma,DC=de
# Ldap provisioning type(NONE, AUTOCREATE, AUTOUPDATE)
ldap_provisionning=AUTOCREATE
# Ldap deref mode (never, searching, finding, always)
ldap_deref_mode=always
ldap_use_admin_to_get_attrs=true
# Ldap-password synchronization to OM DB
# Set this to 'true' if you want OM to synchronize the user Ldap-password to OM's internal DB
# If you want to disable the feature, set this to any other string.
# Default value is 'true'
ldap_sync_password_to_om=false
# Ldap group mode (NONE, ATTRIBUTE, QUERY)
# NONE means group associations will be ignored
# ATTRIBUTE means group associations will be taken from 'ldap_group_attr' attribute (M$ AD mode)
# QUERY means group associations will be taken as a result of 'ldap_group_query' query
ldap_group_mode=NONE
ldap_group_query=(&(memberUid=%s)(objectClass=posixGroup))
# Ldap user attributes mapping
# Set the following internal OM user attributes to their corresponding Ldap-attribute
ldap_user_attr_login=uid
ldap_user_attr_lastname=sn
ldap_user_attr_firstname=givenName
ldap_user_attr_mail=mail
ldap_user_attr_street=streetAddress
ldap_user_attr_additionalname=description
ldap_user_attr_fax=facsimileTelephoneNumber
ldap_user_attr_zip=postalCode
ldap_user_attr_country=co
ldap_user_attr_town=l
ldap_user_attr_phone=telephoneNumber
# optional attribute for user picture
#ldap_user_attr_picture=
ldap_group_attr=memberOf
# optional, absolute URL will be used as user picture if
#ldap_user_attr_picture will be empty
#ldap_user_picture_uri=picture_uri
# optional
# the timezone has to match any timezone available in Java, otherwise the timezone defined in the value of
# the conf_key "default.timezone" in OpenMeetings "configurations" table
#ldap_user_timezone=timezone
# Ldap ignore upper/lower case, convert all input to lower case
ldap_use_lower_case=false
# Ldap import query, this query should retrieve all LDAP users
ldap_import_query=(objectClass=inetOrgPerson)
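
A diagnostic sketch for the error and settings above, added here as an example and not part of the original post or of OpenMeetings: it decodes the Active Directory sub-code after `data` in the bind error and shows the DN a SIMPLEBIND login would bind as. The function names and the login `jdoe` are hypothetical, and it assumes the login replaces `%s` in `ldap_userdn_format`, as the config comment describes.

```python
import re

# Hex Win32 logon error that AD reports after "data" in a failed bind.
AD_BIND_SUBCODES = {
    0x525: "user not found",
    0x52E: "logon failure: user name or password is incorrect",
    0x530: "logon not permitted at this time",
    0x532: "password expired",
    0x533: "account disabled",
    0x701: "account expired",
    0x773: "user must reset password",
    0x775: "account locked out",
}

def ad_bind_subcode(message):
    """Return (code, meaning) from an AcceptSecurityContext error, else None."""
    m = re.search(r"AcceptSecurityContext error,\s*data\s+([0-9a-fA-F]+)", message)
    if not m:
        return None
    code = int(m.group(1), 16)
    return code, AD_BIND_SUBCODES.get(code, "unknown sub-code")

def parse_cfg(text):
    """Parse key=value lines, skipping blank lines and # comments."""
    pairs = (l.split("=", 1) for l in text.splitlines()
             if "=" in l and not l.lstrip().startswith("#"))
    return {k.strip(): v.strip() for k, v in pairs}

def escape_dn_value(value):
    """Escape a login for use inside a DN attribute value (RFC 4514)."""
    out = "".join("\\" + c if c in '\\,+"<>;=' else c for c in value)
    if value[:1] in ("#", " "):
        out = "\\" + out
    if len(value) > 1 and value.endswith(" "):
        out = out[:-1] + "\\ "
    return out

def simplebind_dn(cfg, login):
    """DN that a SIMPLEBIND login binds as; None for other auth types."""
    if cfg.get("ldap_auth_type") != "SIMPLEBIND":
        return None
    return cfg["ldap_userdn_format"].replace("%s", escape_dn_value(login))

# Error text and settings copied from the post; the login "jdoe" is constructed.
ERROR = ("80090308: LdapErr: DSID-0C090442, comment: "
         "AcceptSecurityContext error, data 52e, v3839")
CFG = parse_cfg("ldap_auth_type=SIMPLEBIND\n"
                "ldap_userdn_format=uid=%s,CN=Users,DC=firma,DC=de")
print(ad_bind_subcode(ERROR), simplebind_dn(CFG, "jdoe"))
```

For the values in the post this reports sub-code 0x52e and the bind DN `uid=jdoe,CN=Users,DC=firma,DC=de`.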