Help with LDAP authentication

Wynne, David D.Wynne at ljmu.ac.uk
Fri Nov 16 11:19:00 EST 2012 

Thanks Sean.

Ok I've attaché my config as a .7z archive, with my password as XXXXXXXX for security.

Not sure what:

sAMAccountname={0}

actually means. Is the ={0}   expanded into something if so what ? The username field in the login.jsp ?

In the attribute resolver.xml I also have:

(samAccountName=$requestContext.principalName)

Don't know what that means either.

Dave
From: users-bounces at shibboleth.net [mailto:users-bounces at shibboleth.net] On Behalf Of Sean McHugh
Sent: 16 November 2012 15:40
To: Shib Users
Subject: Re: Help with LDAP authentication

On Fri, Nov 16, 2012 at 10:23 AM, Wynne, David <D.Wynne at ljmu.ac.uk<mailto:D.Wynne at ljmu.ac.uk>> wrote:
..


I'm trying to authenticate with our Microsoft Active Directory service, so the following configs are relevant:

login-config

edu.vt.middleware.ldap.jaas.LdapLoginModule required
        ldapUrl="ldap://bydc1.jmu.ac.uk<http://bydc1.jmu.ac.uk>"
        baseDn="ou=people, dc=jmu, dc=ac, dc=uk"
        ssl="false"
// 16/11/2012 D.Wynne Have to BIND with correct user credentials
        bindDn`"cn=XXXXXXXX at jmu.ac.uk<mailto:cn=XXXXXXXX at jmu.ac.uk>"
        bindCredential="XXXXXXXX"


How about your useFilter ?  Would be best if you posted the entire config

Typically for AD installations, you may be using :   sAMAccountname={0}  or mail={0} or userprincipalname={0}

read more here:  https://wiki.shibboleth.net/confluence/display/SHIB2/IdPAuthUserPass


--
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net<mailto:users-unsubscribe at shibboleth.net>

________________________________
Important Notice: the information in this email and any attachments is for the sole use of the intended recipient(s). If you are not an intended recipient, or a person responsible for delivering it to an intended recipient, you should delete it from your system immediately without disclosing its contents elsewhere and advise the sender by returning the email or by telephoning a number contained in the body of the email. No responsibility is accepted for loss or damage arising from viruses or changes made to this message after it was sent. The views contained in this email are those of the author and not necessarily those of Liverpool John Moores University.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20121116/cdb567bc/attachment-0001.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: shibboleth.7z
Type: application/octet-stream
Size: 9459 bytes
Desc: shibboleth.7z
Url : http://shibboleth.net/pipermail/users/attachments/20121116/cdb567bc/attachment-0001.obj

More information about the users mailing list