JBoss Community

jboss ldapextloginmodule

created by rasha k in Beginner's Corner

Hi,

I'm not sure if this is the right place to ask; if not, please direct me.

I'm trying to authenticate JBoss with Active Directory and I did this login file:

<application-policy name="OpenKM">
     <authentication>
         <login-module flag="required" code="org.jboss.security.auth.spi.LdapExtLoginModule">
             <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
             <module-option name="java.naming.provider.url">ldap://10.100.xx.xx:389/</module-option>
             <module-option name="java.naming.security.authentication">simple</module-option>
             <module-option name="bindDN">xxx\Admin</module-option>
             <module-option name="bindCredential">password</module-option>
             <module-option name="baseCtxDN">ou=user,dc=xxx,dc=local</module-option>
             <module-option name="baseFilter">(sAMAccountName={0})</module-option>
             <module-option name="rolesCtxDN">ou=user,dc=xxx,dc=local</module-option>
             <module-option name="roleFilter">(member={1})</module-option>
             <module-option name="roleAttributeIsDN">true</module-option>
             <module-option name="roleNameAttributeID">name</module-option>
             <module-option name="java.naming.referral">follow</module-option>
         </login-module>
     </authentication>
</application-policy>

And this is my configuration file:

system.login.lowercase=on
principal.adapter=com.openkm.principal.LdapPrincipalAdapter

principal.ldap.server=ldap://10.100.200.91:389/
principal.ldap.security.principal=CN=Admin,ou=user,dc=xx,dc=local
principal.ldap.security.credentials=password

principal.ldap.user.search.base=ou=user,dc=xxx,dc=local
principal.ldap.user.search.filter=(objectclass=person)
principal.ldap.user.attribute=sAMAccountName

principal.ldap.role.search.base=ou=xxx,dc=xxx,dc=local
principal.ldap.role.search.filter=(jectcoblass=group)
principal.ldap.role.attribute=cn

principal.ldap.mail.search.base=cn={0},ou=xxx,dc=xxx,dc=local
principal.ldap.mail.search.filter=(&(objectclass=person)(sAMAccountName={0}))
principal.ldap.mail.attribute=mail

principal.ldap.users.by.role.search.base=ou=xxxx,dc=xxx,dc=local
principal.ldap.users.by.role.search.filter=(objectclass=group)
principal.ldap.users.by.role.attribute=member

principal.ldap.roles.by.user.search.base=ou=xxxx,dc=xxx,dc=local
principal.ldap.roles.by.user.search.filter=(&(objectclass=person)(sAMAccountName={0}))
principal.ldap.roles.by.user.attribute=memberOf

I can successfully log in with an Active Directory user, but the problem is that all users and roles are not imported to OpenKM!!

My Active Directory DN is:

"cn= user1, CN=group1,OU=xxx,DC=xxxx,DC=local"

"cn= user2,CN=group2,OU=xxx,DC=xxxx,DC=local"

"cn= user3,CN=group3,OU=xxx,DC=xxxx,DC=local"

 

where users and roles (groups) are under the OU.

I'm not sure if my mistake is in the configuring of roles and users?!

Any help :(
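
An added example, not part of the original post and not OpenKM or JBoss code: a small Python lint for OpenKM LDAP properties of the kind posted above, flagging bind credentials configured against a non-TLS ldap:// URL and search-filter attributes outside an expected set. The sample input is constructed from the posted lines, and the KNOWN_ATTRS allow-list and the function names are assumptions.

```python
import re

# Constructed sample: a subset of the properties posted above, placeholders as posted.
SAMPLE = """\
principal.ldap.server=ldap://10.100.200.91:389/
principal.ldap.security.principal=CN=Admin,ou=user,dc=xx,dc=local
principal.ldap.security.credentials=password
principal.ldap.user.search.filter=(objectclass=person)
principal.ldap.role.search.filter=(jectcoblass=group)
principal.ldap.mail.search.filter=(&(objectclass=person)(sAMAccountName={0}))
"""

# Assumption: the attribute names this deployment expects to see in its filters.
KNOWN_ATTRS = {"objectclass", "samaccountname", "member", "memberof", "cn", "mail"}

def parse_properties(text):
    """Parse key=value lines, splitting on the first '=' only (DNs and filters contain '=')."""
    lines = (l.strip() for l in text.splitlines())
    pairs = (l.split("=", 1) for l in lines if "=" in l and not l.startswith(("#", "!")))
    return {k.strip(): v.strip() for k, v in pairs}

def filter_attributes(ldap_filter):
    """Return attribute names that precede =, ~=, >= or <=; ValueError if parentheses are unbalanced."""
    depth = 0
    for ch in ldap_filter:
        depth += (ch == "(") - (ch == ")")
        if depth < 0:
            break
    if depth != 0:
        raise ValueError("unbalanced parentheses in filter")
    return re.findall(r"\(([A-Za-z][A-Za-z0-9;.-]*)\s*[~<>]?=", ldap_filter)

def lint(props):
    findings = []
    url = props.get("principal.ldap.server", "")
    if url.lower().startswith("ldap://") and "principal.ldap.security.credentials" in props:
        findings.append("principal.ldap.server: bind credentials used with a non-TLS ldap:// URL")
    for key, value in props.items():
        if key.endswith(".search.filter"):
            try:
                attrs = [a for a in filter_attributes(value) if a.lower() not in KNOWN_ATTRS]
                findings += [f"{key}: unexpected attribute '{a}'" for a in attrs]
            except ValueError as exc:
                findings.append(f"{key}: {exc}")
    return findings

if __name__ == "__main__":
    print("\n".join(lint(parse_properties(SAMPLE))))
```

Filters that use extensible matching rules (an OID between colons) are not parsed by this attribute check.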
