O.K. I'll file it in JIRA. I have another issue. Our groups are not located in 1 location. They're all over the place. This means, in order to target 2 specific groups, I have to specify a domain that's 1 level below the root.
Using this domain returns a list of users so huge that I get the following message: [[LDAP: error code 3 - Timelimit Exceeded]] ...every time I click on "Manage", "Roles", or "Users Runtime Configuration". Clicking on "Manage" also now pulls up the "Roles" page. Any suggestions about what I can do? Can I map multiple groups? - Chris Harris -----Original Message----- From: Olivier Lamy [mailto:[email protected]] Sent: Tuesday, March 04, 2014 5:44 PM To: [email protected] Subject: Re: MRM-1791 doesn't seem to be fixed Hi On 5 March 2014 09:40, Harris, Christopher P <[email protected]> wrote: > Hi, Sascha & Olivier. > > Sascha, your advice worked! Thank you! > > Olivier, I had to go find the groups element within archiva.xml and manually > edit it. It was not available within the properties section. Is that a bug? Uhm not sure exactly. (but no time ATM to test that). So yes a jira entry could help as a reminder -:) > > Chris Harris > Sr. Systems Consultant > Baxter Mobility CoE > Baxter Healthcare Corporation > 340 N Milwaukee Ave VH1E-075 > Vernon Hills, IL 60061 > One Baxter Parkway DF6-4E > Deerfield, Illinois 60015 > M 224.383.4947 T 847.371.6632 F 224.948.2885 > [email protected]<mailto:[email protected]> > > On Mar 4, 2014, at 5:59 AM, Olivier Lamy > <[email protected]<mailto:[email protected]>> wrote: > > On 4 March 2014 20:22, Sascha Vogt > <[email protected]<mailto:[email protected]>> wrote: > Hi Chris, > > Am 04.03.2014 01:00, schrieb Harris, Christopher P: > The LDAP config is correct. The tests conducted by the "Verify LDAP > changes." and "Verify LDAP configuration on server side." Buttons > successfully execute. > Well, those tests don't really verify much ;) > > yup only we can connect to the ldap server with the credentials (not > more :-) ) > > > However, when I navigate to the "LDAP/Roles Mapping" tab, no groups > are listed within the LDAP Groups dropdown menu. > You need to tweak a few things before that'll work > > This has never worked for me. How do I get this to work? > First, check that under "Users Runtime Configuration" you have added > the LDAP RBac Manager. We have both, database first, LDAP second for > both, UserManager and RbacManager. > > Second, tab LDAP: > baseDn, for the users to login > base Dn for groups, your groups are here > > Third, Properties tab: > ldap.config.mapper.attribute.user.id = sAMAccountName > ldap.config.mapper.attribute.password = userPassword > ldap.config.mapper.attribute.user.object.class = user > > 4th, archiva.xml > /configuration/redbackRuntimeConfiguration/configurationProperties/lda > p > (XML path) > > Make sure you have > <config> > <groups> > <member>member</member> > <class>group</class> > </groups> > ... > </config> > in there. > > can be added in the properties tab (normally :-) ) > > > Then you should be able to see in LDAP/Roles Mapping a dropdown filled > with your groups. > > Hope that helps, > Greetings > -Sascha- > > > > -- > Olivier Lamy > Ecetera: http://ecetera.com.au > http://twitter.com/olamy | http://linkedin.com/in/olamy > > The information transmitted is intended only for the person(s) or entity to > which it is addressed and may contain confidential and/or legally privileged > material. Delivery of this message to any person other than the intended > recipient(s) is not intended in any way to waive privilege or > confidentiality. Any review, retransmission, dissemination or other use of, > or taking of any action in reliance upon, this information by entities other > than the intended recipient is prohibited. If you receive this in error, > please contact the sender and delete the material from any computer. > > For Translation: > > http://www.baxter.com/email_disclaimer -- Olivier Lamy Ecetera: http://ecetera.com.au http://twitter.com/olamy | http://linkedin.com/in/olamy The information transmitted is intended only for the person(s) or entity to which it is addressed and may contain confidential and/or legally privileged material. Delivery of this message to any person other than the intended recipient(s) is not intended in any way to waive privilege or confidentiality. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by entities other than the intended recipient is prohibited. If you receive this in error, please contact the sender and delete the material from any computer. For Translation: http://www.baxter.com/email_disclaimer
