[Building Sakai] [Deploying Sakai] LDAP Integration Step by Step Guide

Wed Oct 7 05:11:16 PDT 2009

Hi All,

I am facing one problem in LDAP searching user accounts in different OUs
(Organizational Unit).

*Jldap_bean.xml Configurations*
*Base path:*
cn=Users,dc=ldap,dc=city,dc=edu,dc=com

Sakai is able to search those user accounts which exist at base path
specified above....but it is not searching user accounts which exist in the
OUs. We want to search user accounts in the LDAP whole directory.... Can u
please tell me how can i instruct to sakai to search user accounts in the
whole directory.?

I have different OUs as defined below...

OU=Staff,DC=ldap,DC=city,DC=edu,DC=com
OU=Students,DC=ldap,DC=city,DC=edu,DC=com
OU=Faculty,DC=ldap,DC=city,DC=edu,DC=com.

Thanks,
Ishtiaq Ahmad

On Fri, Oct 2, 2009 at 8:02 PM, Steve Selby <Steve_Selby at bonfils.org> wrote:

>  To turn on LDAP debugging, enter the following 2 lines in your
> sakai.properties file:
>
>
>
> log.config.count=1
>
> log.config.1 = DEBUG.edu.amc.sakai.user.JLDAPDirectoryProvider
>
>
>
> Also make sure that you are not in demo mode – demo mode won’t use LDAP.
> Demo mode is usually set by adding -Dsakai.demo=true to your JAVA_OPTS.
>
>
>
> Finally, the LDAP fields are case sensitive – make sure you have the
> spelling AND case correct.
>
>
>
> *Steve Selby*
>
> Director of Information Technology
>
> *Bonfils Blood Center*
>
> 717 Yosemite Street
>
> Denver, CO 80230-6918
>
> Direct: 303-363-2296
>
> www.bonfils.org
>
> *Advancing Healthcare.  Saving Lives.*
>
>
>
> *From:* production-bounces at collab.sakaiproject.org [mailto:
> production-bounces at collab.sakaiproject.org] *On Behalf Of *Ishtiaq Ahmad
> *Sent:* Friday, October 02, 2009 7:40 AM
> *To:* Steve Swinsburg
> *Cc:* production at collab.sakaiproject.org;
> sakai-dev at collab.sakaiproject.org
> *Subject:* Re: [Deploying Sakai] LDAP Integration Step by Step Guide
>
>
>
> Hi Steve,
>
>
> I am still unable to authenticate the user from LDAP.
>
> I have run the following scenarios.
>
> *1. User:* admin    : this user exist in both sakai and ldap
>
> *password in sakai:* admin
> *password in LDAP: *1234
>
> sakai is authenticating the user with sakai password
>
>
> *2. User:* Salman : this user exist only in LDAP
>
> *password in LDAP:* 123
>
> sakai is unable to authenticate the user from ldap
>
> *Note*: I can login with this user name (Salman) on ldap directory domain
> but not from sakai.
>
> Is there any mechanism to check whether sakai is actually communicating
> with LDAP or not?
> how can I see error messages when sakai authenticate the user from LDAP?
>
> I have enabled the logging mode of DEBUG in tomcate5w.exe
>
>
> I am using Windows Server 2003 active directory, and sakai version is
> 2.5.4.
>
> *attached *is my "jldap-beans.xml" and ldap directory structure...
>
>
> thanks,
> Ishtiaq Ahmad
>
>
>
>  On Fri, Sep 25, 2009 at 6:06 PM, Steve Swinsburg <
> steve.swinsburg at gmail.com> wrote:
>
> Delete the user from your Sakai instance or use another user in LDAP that
> doesn't have a record in Sakai. With LDAP you don't need to create the user
> accounts in Sakai, all of their info will come from LDAP.
>
>
>
> cheers,
>
> Steve
>
>
>
>
>
>
>
> On 25/09/2009, at 10:36 PM, Ishtiaq Ahmad wrote:
>
>
>
>  Hi,
> thanks for a nice document, I have followed all the steps mentioned in this
> document. But my SAKAI 2.5.4 is not authenticating from LDAP....
> Steps:
> I have a user in sakai and in LDAP: 0056
> Password in sakai: 1234
> Password in LDAP: 0056
>
> Login Successful using sakai password but fail using ldap password...
>
>
> Please tell me if any other configuration...or how can i trace whether
> sakai is using my specified ldap...?
>
> Regards,
> Ishtiaq Ahmad
>
> On Fri, Sep 25, 2009 at 3:39 PM, Steve Swinsburg <
> steve.swinsburg at gmail.com> wrote:
>
> Hi,
>
> Here's one I prepared earlier:
>
> http://confluence.sakaiproject.org/display/~steve.swinsburg/LDAP+in<http://confluence.sakaiproject.org/display/%7Esteve.swinsburg/LDAP+in>
> +Sakai+2.5
>
> cheers,
> Steve
>
>
>
> On 25/09/2009, at 8:18 PM, Ishtiaq Ahmad wrote:
>
> Need a step by step guide for integrating Sakai with LDAP in 2.5.x.
>
>
>
> --
> Regards,
> Ishtiaq Ahmad
>
>
>
>
>
>
> --
> Regards,
> Ishtiaq Ahmad
>
>
>
>
>
>
> --
> Regards,
> Ishtiaq Ahmad
>   Please consider our environment before you print this email.
>
> *Confidentiality Notice:* This e-mail message, including any attachments,
> is for the sole use of the intended recipient(s) and may contain
> confidential and privileged information and must be protected in accordance
> with those provisions. Any unauthorized review, use, disclosure or
> distribution is prohibited. If you are not the intended recipient, please
> contact the sender by reply e-mail and destroy all copies of the original
> message.
>

-- 
Regards,
Ishtiaq Ahmad
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/sakai-dev/attachments/20091007/e1f7e059/attachment.html 