Hi Kelvin,
I have reconfigured the settings and mentioned the base DN for discovery
like you suggested.
Still I am not able to get the plugin configured. I have restarted the AR
server.
Below is the exact excert of the arjavaplugin.log (I have replaced actual
clients values with <tags>):
2014-12-15 03:41:26,846 ERROR [pool-4-thread-22]
com.bmc.arsys.pluginsvr.plugins.a (?:?) - getListForms() FAILs in plugin:
ARSYS.ARDBC.LDAP
ERROR (3377): The LDAP operation has failed;
javax.naming.OperationNotSupportedException: [LDAP: error code 12 -
Unavailable Critical Extension]; remaining name 'ou=<ou of
bindaccounts>,dc=<clietns DOmain group>,dc=com'
at com.bmc.arsys.plugins.ardbcldap.ARDBCLDAPPlugin.getListForms(Unknown
Source)
at com.bmc.arsys.pluginsvr.plugins.a.ArdbcGetListForms(Unknown Source)
at com.bmc.arsys.pluginsvr.a.ArEsArdbcGetListForms_5(Unknown Source)
at com.bmc.arsys.pluginsvr.a.ArEsArdbcGetListForms_4(Unknown Source)
at
com.bmc.arsys.arrpc.ARPluginServerDispatcher.dispatchOncRpcCall(Unknown
Source)
at com.bmc.arsys.arrpc.nio.ArRpcCallHandler.dispatchCall(Unknown Source)
at com.bmc.arsys.arrpc.nio.ArRpcCallHandler.if(Unknown Source)
at com.bmc.arsys.arrpc.nio.ArRpcCallHandler.processRpcCall(Unknown
Source)
at com.bmc.arsys.arrpc.nio.ArRpcCallHandler$Processor.run(Unknown
Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Kindly suggest.
Thanks in advance.
Onkar.
On Sun, Dec 14, 2014 at 8:47 AM, onkar shinde <onkarbshi...@gmail.com>
wrote:
>
> Hey kevin,
> Many Thanks for your quick reply.
>
> Yes i am actually going to use SSL, i have already created cert.db files
> using certutil... But i thought 1st to give a shot without SSL, as the
> given Ldap server is a test server, enabled on both 389 and 636.
>
> So coming back to configuration, below is what i have configured on ARDBC
> LDAP form:
>
> Host name: clients LDAP server hostname
> Port: 389 for time being
> Bind user: uid=test,ou=bindaccounts,dc=<clients LDAP hostname>,dc=com
> Bind password: given password
> No SSL.
> LDAP Server generalised timing.
> Failover timeout:5
> Directory page size:1000
> Base DN for discovery: dc=<clients hostname>,dc=com
>
> So i guess only information which is not configured correctly is Base DN
> for discovery, here I am not specifying ou.. but only mere Base DN.
>
> I will give this a try and let you know.
> Thanks again.
>
> Onkar.
> On Dec 14, 2014 4:10 AM, "Kevin Eldridge" <
> kevin.eldri...@itsmuniversity.net> wrote:
>
>> **
>>
>> Hello Onkar,
>>
>>
>>
>> I ran into a similar issue when connecting to a Red Hat LDAP server,
>> using UID, and not a MS Exchange server, since that is what the
>> sAMAccountName is used for. I used the following settings to make the ARDBC
>> LDAP connection:
>>
>>
>>
>> Host Name: ldap.host.com
>>
>> Port Number: 636
>>
>> Bind User: uid=ldapuser,ou=service,dc=host,dc=com
>>
>> Bind Password: <password>
>>
>> Use Secure Socket Layer: Yes
>>
>> Certificate Database: <Path to java keystore; e.x. C:\LDAP\ldaptrust.jks>
>>
>> LDAP Date-Time Format: Generalized Time
>>
>> Failover Timeout: 3000
>>
>> Directory Page Size: 1000
>>
>> Base DN for Discovery: ou=people,dc=host,dc=com
>>
>>
>>
>> If you are not using SSL, this will make things much, much easier. Your
>> default port for non-SSL is 389. If you are using SSL, ensure you have
>> created your Java Keystore using the following command:
>>
>>
>>
>> Create the Cert Database:
>>
>> certutil -N -d <certDir>
>>
>> Import the certs into the
>>
>> keytool -import -noprompt -trustcacerts -keystore <PATH TO JavaKeyStore;
>> i.e. C:\JKS\javakeystore.jks> -storepass <Password for JKS file> -alias
>> <Provide an alias> -file <PATH TO Certificate file; i.e.
>> C:\CERT\certificate.crt>
>>
>>
>>
>> There is a good bit of information on the Java Keystore in the AR System
>> 8.1 documentation
>>
>>
>>
>> I hope this helps.
>>
>>
>>
>> Kevin Eldridge
>> _ARSlist: "Where the Answers Are" and have been for 20 years_
>
>
--
Regards,
Onkar Shinde
Senior Software Engineer
Vyom Labs Pvt. Ltd.
BSM Solutions & Services || ITIL Consulting & Training
Telephone: +91-20-6632-1000
Mobile: +91-7709008719
Email: onkar.shi...@vyomlabs.com
Web: www.vyomlabs.com
_______________________________________________________________________________
UNSUBSCRIBE or access ARSlist Archives at www.arslist.org
"Where the Answers Are, and have been for 20 years"
