Foros de discusión

  1. Inicio
  2. Portal
  3. LDAP Setup v5.2

LDAP Setup v5.2

Ben L, modificado hace 15 años.

LDAP Setup v5.2

New Member Mensajes: 9 Fecha de incorporación: 27/03/09 Mensajes recientes
Using the LDAP Gui setup for 5.2, I was able to successfully import all my users.

But here is the problem now, I set the login to 'screen name' and ldap is enabled and required.

I can't seem to login using any of the LDAP accounts, I even try to retrieve the password but it gives me an 'Intenal Service Error: An error occurred while accessing the requested resource. '

My Auth Search FIlter is set as:
(&(objectCategory=user)(sAMAccountName=@screen_name@))


I even logged into my admin account, impersonated the user I was trying to log in as, it asked for me to enter a password retriever question and answer.

Then I proceeded to try to retrieve the password using the new infomation I added, and it continues to give me the same error.

Also as an admin, I tried to change the password for a user imported from LDAP, it gives me a "User is unavailable".

Has anyone run into the same issues?

Thanks
thumbnail
Amos Fong, modificado hace 15 años.

RE: LDAP Setup v5.2

Liferay Legend Mensajes: 2047 Fecha de incorporación: 7/10/08 Mensajes recientes
Hey Ben,

What exceptions do you get in the logs? Is sAMAccountName the corresponding LDAP attribute to the Liferay screenname?

Do you have export enabled?
Ben L, modificado hace 15 años.

RE: LDAP Setup v5.2

New Member Mensajes: 9 Fecha de incorporación: 27/03/09 Mensajes recientes
Yes, Liferay's 'Screen Name' is mapped to my LDAP's sAMAccountName.

I dont have export turned on, what would this do?

I also noticed this know, in JXplorer, when I look at my LDAP Users, is UserPassword supposed to show blank?
For example, the JXplorer has two columns in the table, for 'userPassword', the corresponding cell is blank. Just a sanity check as this is the field i choose as my mapping. Thought when I click on the blank cell, it'll ask me to confirm password.

Also I checked the database after the import from LDAP, and all the users seem to have ported over correctly. The password field even shows an encrypted string. So I'm not sure why I'm still not able to use my LDAP password to log in.

Thanks for your help.
thumbnail
Amos Fong, modificado hace 15 años.

RE: LDAP Setup v5.2

Liferay Legend Mensajes: 2047 Fecha de incorporación: 7/10/08 Mensajes recientes
In my JXplorer, in the password field it shows: (non string data)

Somehow they must have got erased? But if you didn't have export enabled, Liferay shouldn't have done anything to your LDAP.
Ben L, modificado hace 15 años.

RE: LDAP Setup v5.2

New Member Mensajes: 9 Fecha de incorporación: 27/03/09 Mensajes recientes
Ok, now I'm getting concerned.

My JXplorer completely shows the 'userPassword' as blank, so I'm thinking that why my imported users dont have access. I went through a look of the data again in JXplorer and can't find any field that may look like the password.

Would anybody be able to relate?

Thanks
liu xiao, modificado hace 15 años.

RE: LDAP Setup v5.2

New Member Mensajes: 9 Fecha de incorporación: 7/04/09 Mensajes recientes
Ben L:
Using the LDAP Gui setup for 5.2, I was able to successfully import all my users.

But here is the problem now, I set the login to 'screen name' and ldap is enabled and required.

I can't seem to login using any of the LDAP accounts, I even try to retrieve the password but it gives me an 'Intenal Service Error: An error occurred while accessing the requested resource. '

My Auth Search FIlter is set as:
(&(objectCategory=user)(sAMAccountName=@screen_name@))


I even logged into my admin account, impersonated the user I was trying to log in as, it asked for me to enter a password retriever question and answer.

Then I proceeded to try to retrieve the password using the new infomation I added, and it continues to give me the same error.

Also as an admin, I tried to change the password for a user imported from LDAP, it gives me a "User is unavailable".

Has anyone run into the same issues?

Thanks


i got the same problem , and u can select the "reset password" box,and the password will be export to ldap and you can authenthticate, but also can u see the user group in your control panne?
I have another problem as
http://www.liferay.com/web/guest/community/forums/-/message_boards/message/2741649
Ben L, modificado hace 15 años.

RE: LDAP Setup v5.2

New Member Mensajes: 9 Fecha de incorporación: 27/03/09 Mensajes recientes
I noticed that my JXplorer has 'userPassword' as completely blank instead of (non-string ...)

Could this be a reason why? But then, seems like I can find another field that would relate to the password.

Also I heard that passwords are imported from LDAP? Is this true?
thumbnail
Amos Fong, modificado hace 15 años.

RE: LDAP Setup v5.2

Liferay Legend Mensajes: 2047 Fecha de incorporación: 7/10/08 Mensajes recientes
Yea that's probably why.

Also I heard that passwords are imported from LDAP? Is this true?

Yes passwords from LDAP should be imported into Liferay. If it's a different attribute map it to that attribute. If the password is blank, then it will create a random password for the user.
Ben L, modificado hace 15 años.

RE: LDAP Setup v5.2

New Member Mensajes: 9 Fecha de incorporación: 27/03/09 Mensajes recientes
Below is a list of all the fields in my LDAP for each of my users. I'm using JXplorer, currently I can't find a field where I can map password too.

cn
instanceType
nTSecurityDescriptor
objectCategory
objectClass
objectClass
objectClass
objectClass
accountExpires
adminCount
badPasswordTime
badPwdCount
codePage
countryCode
description
displayName
distinguishedName
givenName
homeMDB
homeMTA
lastLogoff
lastLogon
lastLogonTimestamp
legacyExchangeDN
logonCount
mail
mailNickname
mDBUseDefaults
memberOf
msExchALObjectVersion
msExchHomeServerName
msExchMailboxGuid
msExchMailboxSecurityDescriptor
msExchPoliciesIncluded
msExchUserAccountControl
name
objectGUID
objectSid
primaryGroupID
proxyAddresses
pwdLastSet
sAMAccountName
sAMAccountType
showInAddressBook
showInAddressBook
sn
textEncodedORAddress
userAccountControl
userPrincipalName
uSNChanged
uSNCreated
whenChanged
whenCreated
thumbnail
Amos Fong, modificado hace 15 años.

RE: LDAP Setup v5.2

Liferay Legend Mensajes: 2047 Fecha de incorporación: 7/10/08 Mensajes recientes
I'm not sure but I think you can add a password attribute to one of your object classes.