Hi Daniel, Could you please suggest what to do next. I am facing the same issue like Eric is facing, and same logs are getting generated for me. For all the ladps we are using the same BIND.
I tried to implement the concept of passivators and used the property poolpassivator=BIND. but this doesnt help. Moreover could you plzz suggest like if use more than one ldap, property should be like this:- cas.authn.ldap[0].type=AUTHENTICATED cas.authn.ldap[0].ldapUrl=ldaps://dcsvc-300.ad.wichita.edu ldaps://dcsvc-307.ad.wichita.edu ldaps://latitude.ad.wichita.edu ldaps://longitude.ad.wichita.edu or cas.authn.ldap[0].ldapUrl=ldaps://dcsvc-300.ad.wichita.edu cas.authn.ldap[1].ldapUrl= cas.authn.ldap[2].ldapUrl = cas.authn.ldap[3].ldapUrl = As in the Eric logs I cant figure it out on which ldap request is going for a login attemp and on which it failed. Its taking 4 ldaps as a whole. dIDProvider@376345b, config=[org.ldaptive.ConnectionConfig@1176659945: *:ldapUrl=ldaps://dcsvc-300.ad.wichita.edu <http://300.ad.wichita.edu/> ldaps://dcsvc-307.ad.wichita.edu <http://dcsvc-307.ad.wichita.edu/>ldaps://latitude.ad.wichita.edu <http://latitude.ad.wichita.edu/> ldaps://longitude.ad.wichita.edu <http://longitude.ad.wichita.edu/>*, connectTimeout=PT3M20S, responseTimeout=PT5S, sslConfig=[org.ldaptive.ssl.SslConfig@1806177976::credentialConfig=null , trustManagers=null, hostnameVerifier=org .ldaptive.ssl.DefaultHostnameVerifier@4e9b6258, hostnameVerifierConfig=null, enabledCipherSuites=null, enabledProtocols=null, handshakeCompletedListeners=null], useSSL=true, useStartTLS =false, connectionInitializer=[ org.ldaptive.BindConnectionInitializer@2088588092::bindDn=CN=casldapper ,CN=Managed Service Accounts,DC=ad,DC=wichita,DC=edu, bindSaslConfig=null, bindCont rols=null], connectionStrategy=org.ldaptive.ActivePassiveConnectionStrategy@29b56e75 ]], initialized=true, availableCount=0, activeCount=0] unable to connect to the ldap> org.ldaptive.LdapException: LDAPException(resultCode=49 (invalid credentials), diagnosticMessage='80090308: LdapErr: DSID-0C090436, comment: AcceptSecurityContext error, data 52e, v4563 ^@', ldapSDKVersion=4.0.12, revision=aaefc59e0e6d110bf3a8e8a029adb776f6d2ce28 Thanks and regards On Thu, May 21, 2020 at 11:35 AM Vikash Chandra Ansh < vikasharnav0...@gmail.com> wrote: > Hi Daniel, > > I am unable to attach the screenshot as m using client VDI. > > Can u please tell me what all inputs you required so that I can send it > here. > > Thanks & Regards > > On Thu 21 May, 2020, 04:35 Daniel Fisher, <dfis...@vt.edu> wrote: > >> On Wed, May 20, 2020 at 4:06 PM Vikash Chandra Ansh < >> vikasharnav0...@gmail.com> wrote: >> >>> Hi Ray, >>> >>> I am asking a different concept. I am looking for a concept of >>> passivator where connection pool gets blocked after a failed login attempt. >>> If we use more than one ldap. During unsuccessful login ,bind will happen >>> on both simultaneously which will result to account lock. >>> >> >> Can you post the CAS logs that show simultaneous binds? >> >> --Daniel Fisher >> >> -- >> - Website: https://apereo.github.io/cas >> - Gitter Chatroom: https://gitter.im/apereo/cas >> - List Guidelines: https://goo.gl/1VRrw7 >> - Contributions: https://goo.gl/mh7qDG >> --- >> You received this message because you are subscribed to the Google Groups >> "CAS Community" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to cas-user+unsubscr...@apereo.org. >> To view this discussion on the web visit >> https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAFC6YwRsz4J9d7O84pD%3DNFb1kgBH1AOK25LiUOY7pkTg_rcENQ%40mail.gmail.com >> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAFC6YwRsz4J9d7O84pD%3DNFb1kgBH1AOK25LiUOY7pkTg_rcENQ%40mail.gmail.com?utm_medium=email&utm_source=footer> >> . >> > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BdrvxgFzk_hQa0%3DYqsCoJgNd1kp461a-SYq3d11WpUWiR6aMw%40mail.gmail.com.
