[Deploying Sakai] LDAP Integration Step by Step Guide

Steve Selby Steve_Selby at bonfils.org
Fri Oct 2 08:02:40 PDT 2009

To turn on LDAP debugging, enter the following 2 lines in your
sakai.properties file:



log.config.1 = DEBUG.edu.amc.sakai.user.JLDAPDirectoryProvider


Also make sure that you are not in demo mode - demo mode won't use LDAP.
Demo mode is usually set by adding -Dsakai.demo=true to your JAVA_OPTS.


Finally, the LDAP fields are case sensitive - make sure you have the spelling
AND case correct.


Steve Selby

Director of Information Technology

Bonfils Blood Center 

717 Yosemite Street

Denver, CO 80230-6918

Direct: 303-363-2296

www.bonfils.org <http://www.bonfils.org/> 

Advancing Healthcare.  Saving Lives.


From: production-bounces at collab.sakaiproject.org
[mailto:production-bounces at collab.sakaiproject.org] On Behalf Of Ishtiaq
Sent: Friday, October 02, 2009 7:40 AM
To: Steve Swinsburg
Cc: production at collab.sakaiproject.org; sakai-dev at collab.sakaiproject.org
Subject: Re: [Deploying Sakai] LDAP Integration Step by Step Guide


Hi Steve,

I am still unable to authenticate the user from LDAP.

I have run the following scenarios.

1. User: admin    : this user exist in both sakai and ldap

password in sakai: admin
password in LDAP: 1234

sakai is authenticating the user with sakai password

2. User: Salman : this user exist only in LDAP

password in LDAP: 123

sakai is unable to authenticate the user from ldap

Note: I can login with this user name (Salman) on ldap directory domain but
not from sakai.

Is there any mechanism to check whether sakai is actually communicating  with
LDAP or not?
how can I see error messages when sakai authenticate the user from LDAP?

I have enabled the logging mode of DEBUG in tomcate5w.exe

I am using Windows Server 2003 active directory, and sakai version is 2.5.4.

attached is my "jldap-beans.xml" and ldap directory structure...

Ishtiaq Ahmad

On Fri, Sep 25, 2009 at 6:06 PM, Steve Swinsburg <steve.swinsburg at gmail.com>

Delete the user from your Sakai instance or use another user in LDAP that
doesn't have a record in Sakai. With LDAP you don't need to create the user
accounts in Sakai, all of their info will come from LDAP.







On 25/09/2009, at 10:36 PM, Ishtiaq Ahmad wrote:

thanks for a nice document, I have followed all the steps mentioned in this
document. But my SAKAI 2.5.4 is not authenticating from LDAP.... 
I have a user in sakai and in LDAP: 0056
Password in sakai: 1234
Password in LDAP: 0056

Login Successful using sakai password but fail using ldap password...

Please tell me if any other configuration...or how can i trace whether sakai
is using my specified ldap...?

Ishtiaq Ahmad

On Fri, Sep 25, 2009 at 3:39 PM, Steve Swinsburg <steve.swinsburg at gmail.com>


Here's one I prepared earlier:



On 25/09/2009, at 8:18 PM, Ishtiaq Ahmad wrote:

Need a step by step guide for integrating Sakai with LDAP in 2.5.x.

Ishtiaq Ahmad


Ishtiaq Ahmad


Ishtiaq Ahmad

Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information and must be protected in accordance with those provisions.  Any unauthorized review, use, disclosure or distribution is prohibited.  If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/production/attachments/20091002/c4a5039f/attachment.html 

More information about the production mailing list