Hi, Thank for the logger, I've added it at the end of log4j2 file and set level to *debug*
Here is my error log now (debug logs doesn't seem to give much more information) : *2023-06-16 09:12:06,090 INFO [org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - <[0] expired tickets removed.>2023-06-16 09:12:22,891 WARN [org.ldaptive.transport.netty.NettyConnection] - <Inbound handler caught exception for org.ldaptive.transport.netty.NettyConnection@472298790::ldapUrl=[org.ldaptive.LdapURL@1454060764::scheme=ldap, hostname=localhost, port=389, baseDn=null, attributes=null, scope=null, filter=null, inetAddress=null], isOpen=true, connectTime=2023-06-16T09:09:32.569972500Z, connectionConfig=[org.ldaptive.ConnectionConfig@1751226570::ldapUrl=ldap://localhost:389, connectTimeout=PT5S, responseTimeout=PT5S, reconnectTimeout=PT2M, autoReconnect=true, autoReconnectCondition=org.ldaptive.ConnectionConfig$$Lambda$1680/0x0000000100199c40@594e605c, autoReplay=true, sslConfig=[org.ldaptive.ssl.SslConfig@1885893078::credentialConfig=null, trustManagers=null, hostnameVerifier=org.ldaptive.ssl.DefaultHostnameVerifier@26a2d23f, enabledCipherSuites=null, enabledProtocols=null, handshakeCompletedListeners=null, handshakeTimeout=PT1M], useStartTLS=false, connectionInitializers=null, connectionStrategy=[org.ldaptive.ActivePassiveConnectionStrategy@1122089449::ldapURLSet=[org.ldaptive.LdapURLSet@1745317225::active=[[org.ldaptive.LdapURL@1454060764::scheme=ldap, hostname=localhost, port=389, baseDn=null, attributes=null, scope=null, filter=null, inetAddress=null]], inactive=[]], activateCondition=org.ldaptive.transport.TransportConnection$$Lambda$1692/0x0000000100bd7840@6bd15511, retryCondition=org.ldaptive.AbstractConnectionStrategy$$Lambda$1683/0x0000000100b72040@24308773, initialized=true], connectionValidator=null, transportOptions={}], channel=[id: 0x560c13d8, L:/127.0.0.1:64781 - R:localhost/127.0.0.1:389]>2023-06-16 09:12:22,891 WARN [org.ldaptive.transport.netty.NettyConnection] - <Inbound handler caught exception for org.ldaptive.transport.netty.NettyConnection@1727297356::ldapUrl=[org.ldaptive.LdapURL@1454060764::scheme=ldap, hostname=localhost, port=389, baseDn=null, attributes=null, scope=null, filter=null, inetAddress=null], isOpen=true, connectTime=2023-06-16T09:09:32.523206700Z, connectionConfig=[org.ldaptive.ConnectionConfig@535779327::ldapUrl=ldap://localhost:389, connectTimeout=PT5S, responseTimeout=PT5S, reconnectTimeout=PT2M, autoReconnect=true, autoReconnectCondition=org.ldaptive.ConnectionConfig$$Lambda$1680/0x0000000100199c40@594e605c, autoReplay=true, sslConfig=[org.ldaptive.ssl.SslConfig@49261306::credentialConfig=null, trustManagers=null, hostnameVerifier=org.ldaptive.ssl.DefaultHostnameVerifier@4a6e0d4c, enabledCipherSuites=null, enabledProtocols=null, handshakeCompletedListeners=null, handshakeTimeout=PT1M], useStartTLS=false, connectionInitializers=null, connectionStrategy=[org.ldaptive.ActivePassiveConnectionStrategy@266689882::ldapURLSet=[org.ldaptive.LdapURLSet@1792062454::active=[[org.ldaptive.LdapURL@1454060764::scheme=ldap, hostname=localhost, port=389, baseDn=null, attributes=null, scope=null, filter=null, inetAddress=null]], inactive=[]], activateCondition=org.ldaptive.transport.TransportConnection$$Lambda$1692/0x0000000100bd7840@15176c2c, retryCondition=org.ldaptive.AbstractConnectionStrategy$$Lambda$1683/0x0000000100b72040@24308773, initialized=true], connectionValidator=null, transportOptions={}], channel=[id: 0xb8d2a988, L:/127.0.0.1:64767 - R:localhost/127.0.0.1:389]>2023-06-16 09:12:22,923 WARN [org.ldaptive.transport.netty.NettyConnection] - <Inbound handler caught exception for org.ldaptive.transport.netty.NettyConnection@1366010559::ldapUrl=[org.ldaptive.LdapURL@1454060764::scheme=ldap, hostname=localhost, port=389, baseDn=null, attributes=null, scope=null, filter=null, inetAddress=null], isOpen=true, connectTime=2023-06-16T09:09:32.616917100Z, connectionConfig=[org.ldaptive.ConnectionConfig@1751226570::ldapUrl=ldap://localhost:389, connectTimeout=PT5S, responseTimeout=PT5S, reconnectTimeout=PT2M, autoReconnect=true, autoReconnectCondition=org.ldaptive.ConnectionConfig$$Lambda$1680/0x0000000100199c40@594e605c, autoReplay=true, sslConfig=[org.ldaptive.ssl.SslConfig@1885893078::credentialConfig=null, trustManagers=null, hostnameVerifier=org.ldaptive.ssl.DefaultHostnameVerifier@26a2d23f, enabledCipherSuites=null, enabledProtocols=null, handshakeCompletedListeners=null, handshakeTimeout=PT1M], useStartTLS=false, connectionInitializers=null, connectionStrategy=[org.ldaptive.ActivePassiveConnectionStrategy@1122089449::ldapURLSet=[org.ldaptive.LdapURLSet@1745317225::active=[[org.ldaptive.LdapURL@1454060764::scheme=ldap, hostname=localhost, port=389, baseDn=null, attributes=null, scope=null, filter=null, inetAddress=null]], inactive=[]], activateCondition=org.ldaptive.transport.TransportConnection$$Lambda$1692/0x0000000100bd7840@6bd15511, retryCondition=org.ldaptive.AbstractConnectionStrategy$$Lambda$1683/0x0000000100b72040@24308773, initialized=true], connectionValidator=null, transportOptions={}], channel=[id: 0x7884a7fa, L:/127.0.0.1:64785 - R:localhost/127.0.0.1:389]>2023-06-16 09:12:52,772 WARN [org.ldaptive.transport.netty.NettyConnection] - <Inbound handler caught exception for org.ldaptive.transport.netty.NettyConnection@111626592::ldapUrl=[org.ldaptive.LdapURL@1454060764::scheme=ldap, hostname=localhost, port=389, baseDn=null, attributes=null, scope=null, filter=null, inetAddress=null], isOpen=true, connectTime=2023-06-16T09:09:32.523206700Z, connectionConfig=[org.ldaptive.ConnectionConfig@535779327::ldapUrl=ldap://localhost:389, connectTimeout=PT5S, responseTimeout=PT5S, reconnectTimeout=PT2M, autoReconnect=true, autoReconnectCondition=org.ldaptive.ConnectionConfig$$Lambda$1680/0x0000000100199c40@594e605c, autoReplay=true, sslConfig=[org.ldaptive.ssl.SslConfig@49261306::credentialConfig=null, trustManagers=null, hostnameVerifier=org.ldaptive.ssl.DefaultHostnameVerifier@4a6e0d4c, enabledCipherSuites=null, enabledProtocols=null, handshakeCompletedListeners=null, handshakeTimeout=PT1M], useStartTLS=false, connectionInitializers=null, connectionStrategy=[org.ldaptive.ActivePassiveConnectionStrategy@266689882::ldapURLSet=[org.ldaptive.LdapURLSet@1792062454::active=[[org.ldaptive.LdapURL@1454060764::scheme=ldap, hostname=localhost, port=389, baseDn=null, attributes=null, scope=null, filter=null, inetAddress=null]], inactive=[]], activateCondition=org.ldaptive.transport.TransportConnection$$Lambda$1692/0x0000000100bd7840@15176c2c, retryCondition=org.ldaptive.AbstractConnectionStrategy$$Lambda$1683/0x0000000100b72040@24308773, initialized=true], connectionValidator=null, transportOptions={}], channel=[id: 0xea7463b7, L:/127.0.0.1:64769 - R:localhost/127.0.0.1:389]>2023-06-16 09:12:52,772 WARN [org.ldaptive.transport.netty.NettyConnection] - <Inbound handler caught exception for org.ldaptive.transport.netty.NettyConnection@1062011479::ldapUrl=[org.ldaptive.LdapURL@1454060764::scheme=ldap, hostname=localhost, port=389, baseDn=null, attributes=null, scope=null, filter=null, inetAddress=null], isOpen=true, connectTime=2023-06-16T09:09:32.616917100Z, connectionConfig=[org.ldaptive.ConnectionConfig@1751226570::ldapUrl=ldap://localhost:389, connectTimeout=PT5S, responseTimeout=PT5S, reconnectTimeout=PT2M, autoReconnect=true, autoReconnectCondition=org.ldaptive.ConnectionConfig$$Lambda$1680/0x0000000100199c40@594e605c, autoReplay=true, sslConfig=[org.ldaptive.ssl.SslConfig@1885893078::credentialConfig=null, trustManagers=null, hostnameVerifier=org.ldaptive.ssl.DefaultHostnameVerifier@26a2d23f, enabledCipherSuites=null, enabledProtocols=null, handshakeCompletedListeners=null, handshakeTimeout=PT1M], useStartTLS=false, connectionInitializers=null, connectionStrategy=[org.ldaptive.ActivePassiveConnectionStrategy@1122089449::ldapURLSet=[org.ldaptive.LdapURLSet@1745317225::active=[[org.ldaptive.LdapURL@1454060764::scheme=ldap, hostname=localhost, port=389, baseDn=null, attributes=null, scope=null, filter=null, inetAddress=null]], inactive=[]], activateCondition=org.ldaptive.transport.TransportConnection$$Lambda$1692/0x0000000100bd7840@6bd15511, retryCondition=org.ldaptive.AbstractConnectionStrategy$$Lambda$1683/0x0000000100b72040@24308773, initialized=true], connectionValidator=null, transportOptions={}], channel=[id: 0x6ff26ac2, L:/127.0.0.1:64784 - R:localhost/127.0.0.1:389]>2023-06-16 09:12:52,772 WARN [org.ldaptive.transport.netty.NettyConnection] - <Inbound handler caught exception for org.ldaptive.transport.netty.NettyConnection@2121328957::ldapUrl=[org.ldaptive.LdapURL@1454060764::scheme=ldap, hostname=localhost, port=389, baseDn=null, attributes=null, scope=null, filter=null, inetAddress=null], isOpen=true, connectTime=2023-06-16T09:09:32.538735700Z, connectionConfig=[org.ldaptive.ConnectionConfig@535779327::ldapUrl=ldap://localhost:389, connectTimeout=PT5S, responseTimeout=PT5S, reconnectTimeout=PT2M, autoReconnect=true, autoReconnectCondition=org.ldaptive.ConnectionConfig$$Lambda$1680/0x0000000100199c40@594e605c, autoReplay=true, sslConfig=[org.ldaptive.ssl.SslConfig@49261306::credentialConfig=null, trustManagers=null, hostnameVerifier=org.ldaptive.ssl.DefaultHostnameVerifier@4a6e0d4c, enabledCipherSuites=null, enabledProtocols=null, handshakeCompletedListeners=null, handshakeTimeout=PT1M], useStartTLS=false, connectionInitializers=null, connectionStrategy=[org.ldaptive.ActivePassiveConnectionStrategy@266689882::ldapURLSet=[org.ldaptive.LdapURLSet@1792062454::active=[[org.ldaptive.LdapURL@1454060764::scheme=ldap, hostname=localhost, port=389, baseDn=null, attributes=null, scope=null, filter=null, inetAddress=null]], inactive=[]], activateCondition=org.ldaptive.transport.TransportConnection$$Lambda$1692/0x0000000100bd7840@15176c2c, retryCondition=org.ldaptive.AbstractConnectionStrategy$$Lambda$1683/0x0000000100b72040@24308773, initialized=true], connectionValidator=null, transportOptions={}], channel=[id: 0x6c7668c8, L:/127.0.0.1:64771 - R:localhost/127.0.0.1:389]>2023-06-16 09:12:59,415 INFO [org.apereo.cas.authentication.DefaultAuthenticationManager] - <[LdapAuthenticationHandler] exception details: [].>2023-06-16 09:12:59,430 INFO [org.apereo.cas.authentication.DefaultAuthenticationManager] - <[Static Credentials] exception details: [cas not found in backing map.].>2023-06-16 09:12:59,446 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN=============================================================WHO: casWHAT: [UsernamePasswordCredential(username=cas, source=null, customFields={})]ACTION: AUTHENTICATION_FAILEDAPPLICATION: CASWHEN: Fri Jun 16 09:12:59 UTC 2023* I can find the user using JXplorer and bind connection (also with this user) : [image: ApplicationFrameHost_s6tzxsAyNK.png] Le jeudi 15 juin 2023 à 18:45:09 UTC+2, Ray Bon a écrit : > Jérémie, > > Here are some loggers for cas ldap: > > <AsyncLogger name="org.ldaptive" level="${sys:ldap.log.level}" > includeLocation="true" /> > <!-- INFO Authentication failed for dn: ... > DEBUG prints failed log in error reason (among other ldap connection > details) --> > <AsyncLogger name="org.ldaptive.auth" level="debug" additivity="false" /> > > Make sure you can authenticate / find the user from another application (I > do not know what tools are available for AD). > Check your AD logs to see what it thinks the problem is. > > Ray > > On Thu, 2023-06-15 at 05:19 -0700, Jérémie wrote: > > Notice: This message was sent from outside the University of Victoria > email system. Please be cautious with links and sensitive information. > > > I've setup a CAS 6.6.8 and an Active Directory on the same server for test > purpose. > > I can't authenticate to my AD using an account. It seems that CAS cannot > find the user inside the AD. > > Here my cas.properties file (AD section) : > ``` > # Active Directory > cas.authn.ldap[0].type=AD > cas.authn.ldap[0].ldapUrl=ldap://localhost:389 > cas.authn.ldap[0].useStartTls=false > cas.authn.ldap[0].baseDn=DC=AAA,DC=BBB > cas.authn.ldap[0].search-filter=(sAMAccountName={user}) > cas.authn.ldap[0].subtreeSearch=true > cas.authn.ldap[0].dn-format=cn=%s,DC=AAA,DC=BBB > ``` > > I'm using a test user for this with the following DN : > CN=cas,CN=Users,DC=AAA,DC=BBB > > I don't understand what I'm missing here > > Thank you for any help > > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/acc68c3c-c167-4e4e-b5b1-6bca6ebd14cdn%40apereo.org.