[Deploying Sakai] LDAP connection question

bruceballou at olk12.com bruceballou at olk12.com
Thu Dec 9 12:55:53 PST 2010


Hello Steve,

We have edited the files as you suggested, and the compile works
successfully. I can see the LDAP server (from the sakai server):

[root at sakai-LDAP-test]#  ldapsearch -x -D 'uid=bruce,ou=People,dc=olk12,dc=net' -W -H ldap://192.168.1.9 -b ou=People,dc=olk12,dc=net uid=bruce
Enter LDAP Password:

# extended LDIF
#
# LDAPv3
# base <ou=People,dc=olk12,dc=net> with scope subtree
# filter: uid=bruce
# requesting: ALL
#

# bruce, People, olk12.net
dn: uid=bruce,ou=People,dc=olk12,dc=net
uid: bruce
cn: bruce User
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword:: e2NyeXB0fSQxJDBtSC9nOWlsJGlCd083TkhXaURNUm1qVDhwSWRwbzA=
shadowLastChange: 14950
loginShell: /bin/false
uidNumber: 58
gidNumber: 58
homeDirectory: /home/bruce
gecos: bruce User

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1



So, it appears to be working...



Now I go to log into sakai as bruce   password  and we see this in the
catalina.out file:


2010-12-09 12:47:10,383 DEBUG http-80-Processor24 edu.amc.sakai.user.JLDAPDirectoryProvider - searchDirectory(): [filter = cn=bruce][reusing conn = false]
2010-12-09 12:47:10,392 ERROR http-80-Processor24 edu.amc.sakai.user.JLDAPDirectoryProvider - getUser() failed [eid: bruce]
LDAPException: Invalid Credentials (49) Invalid Credentials
LDAPException: Matched DN:
        at com.novell.ldap.LDAPResponse.getResultException(Unknown Source)
        at com.novell.ldap.LDAPResponse.chkResultCode(Unknown Source)
        at com.novell.ldap.LDAPConnection.chkResultCode(Unknown Source)
        at com.novell.ldap.LDAPConnection.bind(Unknown Source)
        at com.novell.ldap.LDAPConnection.bind(Unknown Source)
        at edu.amc.sakai.user.SimpleLdapConnectionManager.bind(SimpleLdapConnectionManager.java:123)
        at edu.amc.sakai.user.SimpleLdapConnectionManager.getConnection(SimpleLdapConnectionManager.java:92)
        at edu.amc.sakai.user.JLDAPDirectoryProvider.searchDirectory(JLDAPDirectoryProvider.java:899)
        at edu.amc.sakai.user.JLDAPDirectoryProvider.searchDirectoryForSingleEntry(JLDAPDirectoryProvider.java:847)
        at edu.amc.sakai.user.JLDAPDirectoryProvider.getUserByEid(JLDAPDirectoryProvider.java:769)
        at edu.amc.sakai.user.JLDAPDirectoryProvider.getUserByEid(JLDAPDirectoryProvider.java:723)


It appears to be looking in the wrong places, but I am nothing but a
green-newbie...



Any help is greatly appreciated.


Thanx,

Bruce Ballou

sakai support



-------- Original Message --------
Subject: Re: [Deploying Sakai] LDAP connection question
From: Steve Swinsburg <steve.swinsburg at gmail.com>
Date: Wed, December 08, 2010 5:59 pm
To: <bruceballou at olk12.com> <bruceballou at olk12.com>
Cc: support at olk12.com, "sakai" <production at collab.sakaiproject.org>,
"sakai-dev Developers (sakai-dev at collab.sakaiproject.org)"
<sakai-dev at collab.sakaiproject.org>, "Naim_-_نعيم"
<naimsyed at hotmail.com>, "Abdul khader" <akhader at gmail.com>

Hi Bruce,

I assume you've configured the jldap-beans.xml with the correct settings
for your LDAP instance, and followed the rest of the LDAP guide to build
it all?

If so, you could post your settings, but change them for privacy.

Do you need an authenticated bind to LDAP or anonymous?

cheers,
Steve



On 09/12/2010, at 8:57 AM, <bruceballou at olk12.com>
<bruceballou at olk12.com> wrote:

> Hello Steve,
>
> We have built an LDAP server, and we can connect to it with the ldap
> search successfully, but sakai won't authenticate. What do you need to
> see so you can show me the light (the error of my ways...)
>
> Thanx,
>
> Bruce Ballou
>
> Sakai support
>
> -------- Original Message --------
> Subject: Re: [Deploying Sakai] LDAP connection question
> From: Steve Swinsburg <steve.swinsburg at gmail.com>
> Date: Mon, December 06, 2010 5:25 pm
> To: <bruceballou at olk12.com> <bruceballou at olk12.com>
> Cc: support at olk12.com, sakai <production at collab.sakaiproject.org>,
> "sakai-dev Developers (sakai-dev at collab.sakaiproject.org)"
> <sakai-dev at collab.sakaiproject.org>
>
> Hi Bruce,
>
> As Bill mentioned in a separate email, don't get Sakai involved at this
> stage, just try a normal LDAP connection to the various servers that you
> need to reach. Resolve the network issues so you can connect and then
> hook Sakai into them.
>
>
> cheers,
> Steve
>
>
>
>
>
> On 06/12/2010, at 11:37 PM, <bruceballou at olk12.com>
> <bruceballou at olk12.com> wrote:
>
> Dear Mr. Swinsburg,
>
> I found your instructions on utilizing LDAP for sakai authentication. I
> host sakai for some schools here in New Hampshire, USA, and I need to be
> able to reach back to their LDAP servers which sit behind their
> firewalls. Do you have any directions on how to best accomplish this? I
> think I need the schools to give me an IP address (public) that I can
> point to and they can allow my IP address to pass to the LDAP server.
>
> If anyone has used LDAP in this configuration, I would like to hear from
> you and any findings on how you worked out any issues.
>
> Any help you can give me on this will be greatly appreciated.
>
> Thanx,
>
> Bruce Ballou
>
> sakai support
>