[jboss-user] [JNDI/Naming/Network] - LdapLoginModule talking to microsoft adam
rbartig
do-not-reply at jboss.com
Tue Oct 16 16:50:41 EDT 2007
I'm forced to port our ldap server to microsoft adam and am having some issues getting jboss to talk to adam. Currently I've got the users/groups ported to adam and the msDS-UserAccountDisabled attribute is set to false (user is active). When I reset the password in Adsi Edit and try to log into one of our apps I'm getting the following:
2007-10-16 16:00:14,198 DEBUG [org.jboss.security.auth.spi.LdapLoginModule] Bad password for username=minime
javax.naming.AuthenticationException: [LDAP: error code 49 - 8009030C: LdapErr: DSID-0C090336, comment: AcceptSecurityContext error, data 2030, va28
<application-policy name="LdapRealm">
<login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required">
<module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
<module-option name="java.naming.provider.url">ldap://localhost:389/</module-option>
<module-option name="java.naming.security.authentication">simple</module-option>
<module-option name="principalDNPrefix">uid=</module-option>
<module-option name="principalDNSuffix">,o=my.org</module-option>
<module-option name="rolesCtxDN">o=my.org</module-option>
<module-option name="roleAttributeID">cn</module-option>
<module-option name="uidAttributeID">memberOf</module-option>
<module-option name="matchOnUserDN">false</module-option>
<module-option name="allowEmptyPasswords">false</module-option>
</login-module>
</application-policy>
I'm 90% sure I've got the LdapLoginModule wrong but am new to ldap/adam. Currently I'm using jboss 4.2.1 with adam 1.0. Any help would be greatly appreciated.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4095788#4095788
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4095788
More information about the jboss-user
mailing list