[Deploying Sakai] LDAP Integration Step by Step Guide
Grossman,John E
john.grossman at mdanderson.org
Thu Oct 8 08:01:29 PDT 2009
We found it useful to use an LDAP browsing tool like JXplorer. You can interactively set your base DN and see if searches behave the way you want. Then, once you’re confident you have the right base DN, transfer it to jldap-beans.xml.
John
On 10/7/09 5:46 PM, "Steve Swinsburg" <steve.swinsburg at gmail.com> wrote:
Hi,
What happens if you leave out the OU=xxx altogether and just have the other path parts? In my debugging, an LDAP search still works.
Otherwise you could use a custom LDAP provider that chains search paths (and indeed completely different LDAP servers) together. This is one I worked on a while ago, but it is for 2.4: https://source.sakaiproject.org/contrib/une/providers/
cheers,
Steve
On 07/10/2009, at 11:11 PM, Ishtiaq Ahmad wrote:
Hi All,
I am facing a problem with LDAP searching of user accounts in different OUs (Organizational Units).
Jldap_bean.xml Configurations
Base path:
cn=Users,dc=ldap,dc=city,dc=edu,dc=com
Sakai is able to search those user accounts which exist at the base path specified above, but it is not searching user accounts which exist in the OUs. We want to search user accounts in the whole LDAP directory. Can you please tell me how I can instruct Sakai to search user accounts in the whole directory?
I have different OUs as defined below...
OU=Staff,DC=ldap,DC=city,DC=edu,DC=com
OU=Students,DC=ldap,DC=city,DC=edu,DC=com
OU=Faculty,DC=ldap,DC=city,DC=edu,DC=com.
Thanks,
Ishtiaq Ahmad
On Fri, Oct 2, 2009 at 8:02 PM, Steve Selby <Steve_Selby at bonfils.org> wrote:
To turn on LDAP debugging, enter the following 2 lines in your sakai.properties file:
log.config.count=1
log.config.1 = DEBUG.edu.amc.sakai.user.JLDAPDirectoryProvider
Also make sure that you are not in demo mode – demo mode won’t use LDAP. Demo mode is usually set by adding -Dsakai.demo=true to your JAVA_OPTS.
Finally, the LDAP fields are case sensitive – make sure you have the spelling AND case correct.
Steve Selby
Director of Information Technology
Bonfils Blood Center
717 Yosemite Street
Denver, CO 80230-6918
Direct: 303-363-2296
www.bonfils.org <http://www.bonfils.org/>
Advancing Healthcare. Saving Lives.
From: production-bounces at collab.sakaiproject.org [mailto:production-bounces at collab.sakaiproject.org] On Behalf Of Ishtiaq Ahmad
Sent: Friday, October 02, 2009 7:40 AM
To: Steve Swinsburg
Cc: production at collab.sakaiproject.org; sakai-dev at collab.sakaiproject.org
Subject: Re: [Deploying Sakai] LDAP Integration Step by Step Guide
Hi Steve,
I am still unable to authenticate the user from LDAP.
I have run the following scenarios.
1. User: admin : this user exists in both Sakai and LDAP
password in Sakai: admin
password in LDAP: 1234
Sakai is authenticating the user with the Sakai password
2. User: Salman : this user exists only in LDAP
password in LDAP: 123
Sakai is unable to authenticate the user from LDAP
Note: I can log in with this user name (Salman) on the LDAP directory domain but not from Sakai.
Is there any mechanism to check whether Sakai is actually communicating with LDAP or not?
How can I see error messages when Sakai authenticates the user from LDAP?
I have enabled the DEBUG logging mode in tomcat5w.exe
I am using Windows Server 2003 Active Directory, and the Sakai version is 2.5.4.
Attached is my "jldap-beans.xml" and LDAP directory structure...
thanks,
Ishtiaq Ahmad
On Fri, Sep 25, 2009 at 6:06 PM, Steve Swinsburg <steve.swinsburg at gmail.com> wrote:
Delete the user from your Sakai instance or use another user in LDAP that doesn't have a record in Sakai. With LDAP you don't need to create the user accounts in Sakai, all of their info will come from LDAP.
cheers,
Steve
On 25/09/2009, at 10:36 PM, Ishtiaq Ahmad wrote:
Hi,
Thanks for a nice document. I have followed all the steps mentioned in this document, but my Sakai 2.5.4 is not authenticating from LDAP....
Steps:
I have a user in Sakai and in LDAP: 0056
Password in Sakai: 1234
Password in LDAP: 0056
Login is successful using the Sakai password but fails using the LDAP password...
Please tell me if any other configuration is needed...or how can I trace whether Sakai is using my specified LDAP...?
Regards,
Ishtiaq Ahmad
On Fri, Sep 25, 2009 at 3:39 PM, Steve Swinsburg <steve.swinsburg at gmail.com> wrote:
Hi,
Here's one I prepared earlier:
http://confluence.sakaiproject.org/display/~steve.swinsburg/LDAP+in+Sakai+2.5
cheers,
Steve
On 25/09/2009, at 8:18 PM, Ishtiaq Ahmad wrote:
Need a step by step guide for integrating Sakai with LDAP in 2.5.x.
--
Regards,
Ishtiaq Ahmad
--
Regards,
Ishtiaq Ahmad
--
Regards,
Ishtiaq Ahmad
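Added example, not part of any message in this thread: a small Python check that shows why a search rooted at cn=Users misses accounts in the Staff, Students and Faculty OUs, and computes the deepest base DN that covers all of them. The base path and OU DNs are the ones quoted above; the user DN for "Salman" is constructed for illustration, and DN parsing is simplified (no multi-valued RDNs or hex escapes).

```python
def split_dn(dn):
    """Split a DN into normalized (attr, value) RDNs, honouring backslash escapes."""
    rdns, cur, esc = [], [], False
    for ch in dn:
        if esc:
            cur.append(ch)
            esc = False
        elif ch == "\\":
            cur.append(ch)
            esc = True
        elif ch == ",":
            rdns.append("".join(cur))
            cur = []
        else:
            cur.append(ch)
    rdns.append("".join(cur))
    out = []
    for rdn in rdns:
        attr, _, value = rdn.strip().partition("=")
        # Attribute names and cn/ou/dc values match case-insensitively.
        out.append((attr.strip().lower(), value.strip().lower()))
    return out

def in_subtree(entry_dn, base_dn):
    """True if entry_dn is the base itself or lies anywhere beneath it."""
    entry, base = split_dn(entry_dn), split_dn(base_dn)
    return len(entry) >= len(base) and entry[-len(base):] == base

def common_base(dns):
    """Deepest DN that is an ancestor of (or equal to) every DN given."""
    paths = [list(reversed(split_dn(d))) for d in dns]
    shared = []
    for level in zip(*paths):
        if len(set(level)) != 1:
            break
        shared.append(level[0])
    return ",".join(f"{a}={v}" for a, v in reversed(shared))

CONFIGURED_BASE = "cn=Users,dc=ldap,dc=city,dc=edu,dc=com"   # from the thread
OUS = [                                                      # from the thread
    "OU=Staff,DC=ldap,DC=city,DC=edu,DC=com",
    "OU=Students,DC=ldap,DC=city,DC=edu,DC=com",
    "OU=Faculty,DC=ldap,DC=city,DC=edu,DC=com",
]
SAMPLE_USER = "CN=Salman,OU=Students,DC=ldap,DC=city,DC=edu,DC=com"  # constructed

if __name__ == "__main__":
    print("under configured base:", in_subtree(SAMPLE_USER, CONFIGURED_BASE))
    wide = common_base(OUS + [CONFIGURED_BASE])
    print("widest common base:", wide, "->", in_subtree(SAMPLE_USER, wide))
```

A base DN only helps if the provider searches it with subtree scope; a directory browser pointed at the same base will confirm which entries a search actually returns.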