On Thu, 20 Jan 2011 13:10:06 -0600, Jill Han wrote:
Still no luck after trying adCompat="true".
That option was added in 6.0.21, it is not present in any 5.5.x. I
didn't see your version when I first replyd, sorry.
So you might try to update to a recent tomcat, which is always a good
idea.
Bye
Felix
Thanks,
Jill
-----Original Message-----
From: Felix Schumacher [mailto:felix.schumac...@internetallee.de]
Sent: Thursday, January 20, 2011 11:11 AM
To: Tomcat Users List
Subject: RE: how to configue tomcat ldap 2008
X-HOSTLOC: alverno.edu/10.0.60.9
Am Donnerstag, den 20.01.2011, 07:19 -0600 schrieb Jill Han:
Thanks for your reply.
1. Apache Tomcat version is 5.5.15.
2. Below is from the log file.
Jan 19, 2011 3:29:26 PM org.apache.catalina.realm.JNDIRealm
authenticate
SEVERE: Exception performing authentication
javax.naming.PartialResultException [Root exception is
javax.naming.CommunicationException:
DomainDnsZones.emp.alverno.edu:389
[Root exception is java.net.UnknownHostException:
DomainDnsZones.emp.alverno.edu]]
You could try "adCompat='true'" as shown on
http://tomcat.apache.org/tomcat-6.0-doc/config/realm.html, or maybe
DomainDnsZones.emp.alverno.edu is really not a valid dns name in your
environment.
But since I don't have an ads server it is more or less a guess.
Felix
However, usern...@emp.alverno.edu will be valid when the window
server
is 2003.
3. I haven't tested the query independently of Tomcat. I don't know
how. If you have the instructions, it will be very helpful.
Thanks again,
Jill
-----Original Message-----
From: Christopher Schultz [mailto:ch...@christopherschultz.net]
Sent: Wednesday, January 19, 2011 4:45 PM
To: Tomcat Users List
Subject: Re: how to configue tomcat ldap 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Jill,
On 1/19/2011 4:56 PM, Jill Han wrote:
> Here is the snippet of server.xml
>
> <Realm className="org.apache.catalina.realm.JNDIRealm"
> debug="99"
debug isn't a valid attribute on any supported version of Tomcat.
What
version are you using?
> connectionName="usern...@some.college.edu"
> connectionPassword="userPass"
> connectionURL="ldap://some.college.edu:389"
So these credentials still work in the new installation?
> referrals="follow"
> userBase="dc=some,dc=college,dc=edu"
> userSearch="(sAMAccountName={0})"
> userRoleName="memberof"
> roleBase="dc=some,dc=college,dc=edu"
> roleName="cn"
> roleSearch="(uniqueMember={0})"
> userSubtree="true"
> roleSubtree="false"
Have you tested your query independently of Tomcat to see if it
matches
anything?
> It is working on 2003 server. However when the server is upgraded
to
> window 2008, it is not working anymore.
>
> Any suggestions?
What do the log files say?
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk03aXcACgkQ9CaO5/Lv0PBOvACfbMbEFH+JxwlrEulx68NKe0OM
I1cAnAn5Yp82TQM2lXe+rXVu5xWIFqYL
=aYzD
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org