Combination View Flat View Tree View
Threads [ Previous | Next ]
toggle
Eric Horn
Active Directory Import Works, Login Doesn't
April 24, 2013 1:08 PM
Answer

Eric Horn

Rank: New Member

Posts: 3

Join Date: February 25, 2013

Recent Posts

I've read every message I can find on this subject but it just isn't working for me.

My understanding is that Liferay will import the users and then authentication will occur (via pwd match or pass through) with AD.

The users seem to import fine, except the password field is blank (but not in the database, they appear all unique) when you do the LDAP user test.
Either I have something hosed in my setup or I'm missing something obvious. I have attached my portal settings and my ldap authentication settings. I have also tried a combination of the following in my portal-ext.properties file (tried it without them as well).

ldap.auth.method=bind
ldap.import.enabled=true
ldap.import.user.password.enabled=true
ldap.import.user.password.default=password

Any assistance that could point me in the right direction would be greatly appreciated!

Thanks,

Eric
Attachment

Attachment

Attachment

Attachments: ldap-success.jpg (9.4k), liferay-authentication.jpg (38.2k), portal-settings.jpg (33.0k)
Amit Doshi
RE: Active Directory Import Works, Login Doesn't
April 25, 2013 12:31 AM
Answer

Amit Doshi

Rank: Liferay Master

Posts: 549

Join Date: December 29, 2010

Recent Posts

Hi Eric Horn,

If you checked enabled and required for LDAP then it will strongly bind with LDAP or AD for Authentication.

And also enabled the Use LDAP Password Policy.
Then try to login with the username and password which is in LDAP.

I think now it should work.

Thanks & Regards,
Amit Doshi
Eric Horn
RE: Active Directory Import Works, Login Doesn't
April 25, 2013 6:27 AM
Answer

Eric Horn

Rank: New Member

Posts: 3

Join Date: February 25, 2013

Recent Posts

I tried enabling LDAP password policy and that didn't help. Here is another clue. If I change the LR local password to match AD, it still won't authenticate, so however it compares with AD, it isn't working.

Amit Doshi:
Hi Eric Horn,

If you checked enabled and required for LDAP then it will strongly bind with LDAP or AD for Authentication.

And also enabled the Use LDAP Password Policy.
Then try to login with the username and password which is in LDAP.

I think now it should work.

Thanks & Regards,
Amit Doshi
Eric Horn
RE: Active Directory Import Works, Login Doesn't
April 26, 2013 11:13 AM
Answer

Eric Horn

Rank: New Member

Posts: 3

Join Date: February 25, 2013

Recent Posts

I ended up stumbling on the solution, so I'll post it here for others that may go down the same path I did.

I removed all the ldap junk I tried in the portal-ext.properties file and changed the authentication search string from (cn=@screen_name@) (this setting was in the LifeRay Administrator guide 2nd Edition) to the following:

(sAMAccountName=@screen_name@)

Now all appears to be working fine.