Vista Combinata Vista Piatta Vista ad Albero
Discussioni [ Precedente | Successivo ]
toggle
S T
LDAP configuration, 4.3.6
12 febbraio 2008 7.17
Risposta

S T

Punteggio: New Member

Messaggi: 19

Data di Iscrizione: 30 gennaio 2008

Messaggi recenti

Hi,

I installed Apache Directory and JXPlorer following faithfully to the instructions in Liferay Portal 4 Installation Guide, as I need to study using LDAP and all this is quite new to me. After making LDAP configuration changes in Liferay Admin portlet I now cannot log in even as administrator (test@liferay.com) which makes corrections a little bit more complicated. Tomcat says:
ERROR [MainServlet:500] com.liferay.portal.ModelListenerException: javax.naming.NameNotFoundException: [LDAP: error code 32 - failed on search oper
ation: Attempt to search under non-existant entry: 2.5.4.11=users,0.9.2342.19200300.100.1.25=example,0.9.2342.19200300.100.1.25=com]; remaining name 'ou=users,d
c=example,dc=com'
com.liferay.portal.ModelListenerException: javax.naming.NameNotFoundException: [LDAP: error code 32 - failed on search operation: Attempt to search under non-ex
istant entry: 2.5.4.11=users,0.9.2342.19200300.100.1.25=example,0.9.2342.19200300.100.1.25=com]; remaining name 'ou=users,dc=example,dc=com'
at com.liferay.portal.model.UserListener.onAfterUpdate(UserListener.java:90)
at com.liferay.portal.service.persistence.UserUtil.update(UserUtil.java:102)
at com.liferay.portal.service.impl.UserLocalServiceImpl.updateLastLogin(UserLocalServiceImpl.java:1318)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
etc

I am using Liferay 4.3.6. I browsed the forums on this and found some suggestions on this suggesting going to 4.4.0. So, is this a bug - should I start using 4.4.0 - or can I fix it? If so, any good suggestions?

Satu
JR Houn
Thread Moved.
12 febbraio 2008 10.05
Risposta

JR Houn

LIFERAY STAFF

Punteggio: Expert

Messaggi: 489

Data di Iscrizione: 19 novembre 2007

Messaggi recenti

Thread moved to appropriate category: Portal Framework.
jr
S T
RE: LDAP configuration, 4.3.6
13 febbraio 2008 2.04
Risposta

S T

Punteggio: New Member

Messaggi: 19

Data di Iscrizione: 30 gennaio 2008

Messaggi recenti

There seems to be a lot of posts on these LDAP settings on various Liferay versions and some bug reports as well, but no good answers (the answers being "use the next version" or "clear database").

Today I could again log into my portal as test@liferay.com. Why? I'm not sure. I tried putting "omniadmin.users=somestuff" in my portal-ext.properties but login finally succeeded even though I outcommented the line. I think shutting down the computer and going home did the trick (as often is the case).

Anyways, now I had the NullPointerException (..getLastPath) when trying to log in as Jane Smith. This has been reported in various places. Since I could not get this work and trying messed up the whole portal startup, I cleared the line in PortletPreferences table. (There was a line with plid=0, portledId=LIFERAY-PORTAL, and preferences column containing some ldap-related stuff.) Now everything seems to work, my LDAP settings have disappeared etc. Still I'm not sure what to try now. I have Jane Smith in LDAP but not in Liferay. Certainly I will try to do the LDAP settings in portal-ext.properties now instead of Enterprise Admin portlet but I still do not know what went wrong in the first place.

Satu
S T
RE: LDAP configuration, 4.3.6 [RESOLVED]
13 febbraio 2008 7.04
Risposta

S T

Punteggio: New Member

Messaggi: 19

Data di Iscrizione: 30 gennaio 2008

Messaggi recenti

OK, got it to work somehow. I'll explain this briefly just in case some other newbie could find something useful from this experience.

After managing to log in as administrator again, I tried making various LDAP settings in portal-ext.properties (and this is sooo much better than GUI because these settings do not end up in database). First I got the same NameNotFoundException with admin user when I set just
1ldap.auth.enabled=true

Then I put some other stuff as well:
1ldap.auth.password.encryption.algorithm=SHA # SHA is the algorithm I chose in LDAP browser
2ldap.users.dn=ou=users,dc=example,dc=com
3ldap.groups.dn=ou=groups,dc=example,dc=com
4ldap.export.enabled=false


Changing ldap.users.dn and ldap.groups.dn entries finally let me log in as admin - I tried different combinations.

Still I was not able to log in as janesmith. The error was NPE throwing initially NoSuchGroupException (or something of the kind). I checked my Liferay database because I figured there must be something broken for user janesmith. Now, janesmith was actually in User_ table; at some point user had been added there. I deleted the database row for janesmith. Then I did the login trial once more - and magically janesmith was reentered in User_ table, and this time I was allowed to log in. I tested this and made another user in LDAP and it also worked. So, at some point janesmith must have been somehow corrupted in Liferay database.

This was done with Liferay 4.3.6. running on Tomcat, Apache Directory Server 1.0.2, JXPlorer 3.2.

Now the *real* work could start...

Satu
Sebastián Gurin
RE: LDAP configuration, 4.3.6
19 febbraio 2008 6.34
Risposta

Sebastián Gurin

Punteggio: Junior Member

Messaggi: 75

Data di Iscrizione: 13 giugno 2007

Messaggi recenti

hi. i was able to login with an ldap account following the steps of liferay 4.2 ldap integration show cast, but using apache directory server version 1.5 not (1.00 like the showcast).

Note: i'm using liferay 4.4.1

cheers!
Jonas Yuan
RE: LDAP configuration, 4.3.6
27 aprile 2008 23.02
Risposta

Jonas Yuan

Punteggio: Liferay Master

Messaggi: 993

Data di Iscrizione: 26 aprile 2007

Messaggi recenti

Here is a simple solution:

Just update your local database - reset LDAP

update PortletPreferences set preferences = '<portlet-preferences>
<preference><name>ldap.auth.password.encryption.algorithm</name><value></value></preference>
<preference><name>ldap.auth.search.filter</name><value>(mail=@email_address@)</value></preference>
<preference><name>ldap.import.user.search.filter</name><value>(objectClass=inetOrgPerson)</value></preference>
<preference><name>ldap.auth.required</name><value>false</value></preference>
<preference><name>ldap.security.principal</name><value></value></preference>
<preference><name>ldap.export.enabled</name><value>true</value></preference>
<preference><name>ldap.user.mappings</name><value>screenName=cn[$NEW_LINE$]
password=userPassword[$NEW_LINE$]emailAddress=mail[$NEW_LINE$]firstName=givenName[
$NEW_LINE$]lastName=sn[$NEW_LINE$]jobTitle=title</value></preference>
<preference><name>ldap.security.credentials</name><value></value></preference>
<preference><name>ldap.import.enabled</name><value>false</value></preference>
<preference><name>ldap.auth.enabled</name><value>false</value></preference>
<preference><name>ldap.import.group.search.filter</name><value>(objectClass=groupOfUniqueNames)</value></preference>
<preference><name>ldap.base.provider.url</name><value></value></preference>
<preference><name>ldap.import.on.startup</name><value>false</value></preference>
<preference><name>ldap.import.interval</name><value>10</value></preference>
<preference><name>ldap.base.dn</name><value></value></preference>
<preference><name>ldap.user.default.object.classes</name>
<value>top,person,inetOrgPerson,organizationalPerson</value></preference>
<preference><name>ldap.password.policy.enabled</name><value>false</value></preference>
<preference><name>ldap.users.dn</name><value></value></preference></portlet-preferences>'
where PortletId='LIFERAY_PORTAL' and ownerId=10095;

Jonas Yuan
http://liferay.cignex.com - Liferay Book
S T
RE: LDAP configuration, 4.3.6
28 aprile 2008 22.40
Risposta

S T

Punteggio: New Member

Messaggi: 19

Data di Iscrizione: 30 gennaio 2008

Messaggi recenti

Hi,

thanks for the comment. In case of future problems: can you specify which problem is solved with setting the ldap.auth.enabled property to false and resetting LDAP? The initial errors?

Satu
Jonas Yuan
RE: LDAP configuration, 4.3.6
29 aprile 2008 0.14
Risposta

Jonas Yuan

Punteggio: Liferay Master

Messaggi: 993

Data di Iscrizione: 26 aprile 2007

Messaggi recenti

In case that you have configured LDAP in a wrong way, and you can not login anymore with any default account such as "test@liferay.com".

In logs, you will receive error messages, such as "LDAP connection exception ..."

Thus, above solution will help you reset the LDAP. After that, you can log in with any default account such as "test@liferay.com" again.


Jonas Yuan

http://liferay.cignex.com - Liferay Book