[jboss-user] [JNDI/Naming/Network] - LdapLoginModule talking to microsoft adam

rbartig do-not-reply at jboss.com
Tue Oct 16 16:50:41 EDT 2007


I'm forced to port our LDAP server to Microsoft ADAM and am having some issues getting JBoss to talk to ADAM.  Currently I've got the users/groups ported to ADAM and the msDS-UserAccountDisabled attribute is set to false (user is active).  When I reset the password in ADSI Edit and try to log into one of our apps I'm getting the following:

2007-10-16 16:00:14,198 DEBUG [org.jboss.security.auth.spi.LdapLoginModule] Bad password for username=minime
javax.naming.AuthenticationException: [LDAP: error code 49 - 8009030C: LdapErr: DSID-0C090336, comment: AcceptSecurityContext error, data 2030, va28

<application-policy name="LdapRealm">
  
    <login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required">
      <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
      <module-option name="java.naming.provider.url">ldap://localhost:389/</module-option>
      <module-option name="java.naming.security.authentication">simple</module-option>
      <module-option name="principalDNPrefix">uid=</module-option>
      <module-option name="principalDNSuffix">,o=my.org</module-option>
      <module-option name="rolesCtxDN">o=my.org</module-option>
      <module-option name="roleAttributeID">cn</module-option>
      <module-option name="uidAttributeID">memberOf</module-option>
      <module-option name="matchOnUserDN">false</module-option>
      <module-option name="allowEmptyPasswords">false</module-option>
    </login-module>
  
</application-policy>

I'm 90% sure I've got the LdapLoginModule wrong but am new to LDAP/ADAM.  Currently I'm using JBoss 4.2.1 with ADAM 1.0.  Any help would be greatly appreciated.

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4095788#4095788
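
Added example, not part of the original post and not JBoss code: the `data` field in an AD/ADAM result-49 message is a Win32 error code in hex, and decoding it separates a wrong password from a bind DN that does not exist. The sketch decodes the log line from the post and rebuilds the DN that LdapLoginModule binds with from the posted `principalDNPrefix` and `principalDNSuffix`; the function names and the subset of codes in the table are choices made for this example.

```python
import re

# Win32 error codes that AD / ADAM place (in hex) in the "data" field of an
# LDAP result-49 diagnostic message. Subset selected for this example.
BIND_SUBCODES = {
    0x525: "ERROR_NO_SUCH_USER: user not found",
    0x52E: "ERROR_LOGON_FAILURE: invalid credentials",
    0x532: "ERROR_PASSWORD_EXPIRED",
    0x533: "ERROR_ACCOUNT_DISABLED",
    0x701: "ERROR_ACCOUNT_EXPIRED",
    0x773: "ERROR_PASSWORD_MUST_CHANGE",
    0x775: "ERROR_ACCOUNT_LOCKED_OUT",
    0x2030: "ERROR_DS_NO_SUCH_OBJECT: no such object on the server",
}

# Matches the LDAP result code and the hex sub-code after "data".
DIAG = re.compile(r"LDAP: error code (\d+) - .*?\bdata ([0-9a-fA-F]+)\b")

# Log line copied from the post above (truncated there after "va28").
SAMPLE = ("javax.naming.AuthenticationException: [LDAP: error code 49 - "
          "8009030C: LdapErr: DSID-0C090336, comment: AcceptSecurityContext "
          "error, data 2030, va28")


def bind_dn(prefix, username, suffix):
    """DN used for the simple bind: principalDNPrefix + username + principalDNSuffix."""
    return f"{prefix}{username}{suffix}"


def explain(line):
    """Return (ldap_result, sub_code, meaning) for a bind failure line, or None."""
    m = DIAG.search(line)
    if not m:
        return None
    sub = int(m.group(2), 16)  # the sub-code is printed in hex
    return int(m.group(1)), sub, BIND_SUBCODES.get(sub, "unknown sub-code")


if __name__ == "__main__":
    # Values taken from the posted login-module options and log line.
    print("bind DN :", bind_dn("uid=", "minime", ",o=my.org"))
    result, sub, meaning = explain(SAMPLE)
    print(f"result {result}, data {sub:x} ({sub}): {meaning}")
```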
