Two dataconnectors (openldap and AD)

Vignesh, Vanna G. vignesh at
Wed May 13 17:55:40 EDT 2015

I have a openldap data connector which works fine.  I am trying to write another dc for active directory just to pull the groups from AD of the authenticated users. Openldap us used for authentication
First ,
I am getting CommunicationException error.  Error connecting to LDAP URL: ldap://    javax.naming.CommunicationException: edu:389. I also see javax.naming.PartialResultException: Unprocessed Continuation Reference. Here is my dc. Should I use dependency as openldap?
  <resolver:DataConnector id="mytestAD" xsi:type="LDAPDirectory"
        ldapURL=" ldap:// "


Where else should I define the samAccountName? The principal name of openldap is uid and principal name of AD is samaccountname. How would I tie it together to return all the group names of the user from AD?

To return the groups of the authenticated user from another dataconnector AD , should I use the following attribute definition? i.e. passing MemberOf to isMemberOf

<resolver:AttributeDefinition id="isMemberOf" xsi:type="Simple" xmlns="urn:mace:shibboleth:2.0:resolver:ad"
        <resolver:Dependency ref="mytestAD" />
        <resolver:AttributeEncoder xsi:type="SAML2String" xmlns="urn:mace:shibboleth:2.0:attribute:encoder"
            name="urn:oid:" friendlyName="isMemberOf" />

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list