Hi, have a problem access LDAP and reading 2 OUs in parallel trees.

Peter Schober peter.schober at univie.ac.at
Mon Dec 12 15:38:47 GMT 2011


* Leonard Kroll <Leonard.Kroll at umb.edu> [2011-12-12 16:18]:
> It works if the user is found in the 2nd data connector's OU.
> If the user is found in the 1st data connector's OU, I get an error from
> the 2nd data connector, and no attributes are returned to the SP.

Does setting noResultIsError on the data connector change anything? Cf.
https://wiki.shibboleth.net/confluence/display/SHIB2/ResolverLDAPDataConnector

> I am required by security to use https, port 636.
> Is there a better way to do this?

You probably meant ldaps (not https), for which no formal
specification exists (though widely used). If the question is about
alternatives to that, then the above link also shows how to set up
LDAP + STARTTLS instead.
-peter

