Hi Akila,

While going through your configuration, I just noticed that the two
properties "UserNameAttribute" and "UserNameSearchFilter" are referring to
two different user attributes. Is it done intentionally? Ideally they
should refer to the same attribute, e.g. cn or uid or any attribute
that is uniquely identifiable.

It is also mentioned in the
https://docs.wso2.com/display/IS500/Configuring+an+Active+Directory+User+Store
documentation, point number 3.

You can also refer to this
http://venurakahawala.blogspot.com/2013/10/usernameattribute-and.html blog
for more information.


On Fri, Oct 31, 2014 at 4:57 PM, Akila Nimantha [IT/EKO/LOITS] <
aki...@lolctech.com> wrote:

>  Hi Dinesh,
>
>
>
> I have tried in the local machine where connection can be established to
> LOLC.COM. Now it says about invalid username password (because of null
> username).
>
> Please check the log file attached.
>
>
>
> Regards,
>
> Akila
>
>
>
>
>
> *From:* Dinesh J Weerakkody [mailto:dine...@wso2.com]
> *Sent:* 31 October 2014 12:55 PM
>
> *To:* Akila Nimantha [IT/EKO/LOITS]
> *Cc:* dev@wso2.org
> *Subject:* Re: [Dev] integrating IS 5.0 with Active Directory
>
>
>
> Hi Akila,
>
> There is a connection issue to your LDAP server (LOLC.COM:389). Just check
> whether the connection can be established from the IS server to LDAP using
> another way (ping or tracert). What I guess is that the server cannot find the
> path to LOLC.COM. If you can ping, just give it a try using the server IP
> instead of the server name.
>
> Thanks,
>
>
>
> On Fri, Oct 31, 2014 at 11:02 AM, Akila Nimantha [IT/EKO/LOITS] <
> aki...@lolctech.com> wrote:
>
>  Hi Godwin,
>
>
>
> Enabled the debug mode and still same here. Please check the attachment
> for the new log file.
>
>
>
> Regards,
>
> Akila
>
>
>
>
>
>
>
> *From:* Godwin Amila Shrimal [mailto:god...@wso2.com]
> *Sent:* 29 October 2014 5:59 PM
>
>
> *To:* Akila Nimantha [IT/EKO/LOITS]
> *Cc:* dev@wso2.org
> *Subject:* Re: [Dev] integrating IS 5.0 with Active Directory
>
>
>
> Hi Akila,
>
>
>
> Can you enable debug mode in Identity Server, recreate the issue and
> send back the log file? Please see the link below for enabling debug.
>
>
>
>
> http://soasecurity.org/2014/02/26/how-to-wso2is-troubleshooting-wso2-identity-server-1/
>
>
>
>
>
> On Wed, Oct 29, 2014 at 5:44 PM, Akila Nimantha [IT/EKO/LOITS] <
> aki...@lolctech.com> wrote:
>
>  Hi Godwin,
>
>
>
> Please check for the attached log file.
>
>
>
> Regards,
>
> Akila
>
>
>
> *From:* Godwin Amila Shrimal [mailto:god...@wso2.com]
> *Sent:* 29 October 2014 5:26 PM
> *To:* Akila Nimantha [IT/EKO/LOITS]
> *Cc:* dev@wso2.org
> *Subject:* Re: [Dev] integrating IS 5.0 with Active Directory
>
>
>
> Hi Akila,
>
>
>
> What is the error you are getting when trying to log in? Can you send
> the identity server log?
>
>
>
>
>
> Thanks
>
> Godwin
>
>
>
>
>
> On Wed, Oct 29, 2014 at 5:04 PM, Akila Nimantha [IT/EKO/LOITS] <
> aki...@lolctech.com> wrote:
>
>  Hi all,
>
>
>
> I have a question regarding integrating IS 5.0 with Active Directory. I've
> a setup where I can see all of the AD users and groups in IS but I can't log in
> to IS with any of the AD credentials.
>
> Also I've registered the travelocity.com webapp but am unable to log in
> through the app.
>
>
>
> WSO2 IS configuration
>
>
>
> <Configuration>
>     <AddAdmin>false</AddAdmin>
>     <AdminRole>admin</AdminRole>
>     <AdminUser>
>         <UserName>FusionUsr</UserName>
>         <Password>Fu$@1234</Password>
>     </AdminUser>
>     <EveryOneRoleName>everyone</EveryOneRoleName> <!-- By default users in this role sees the registry root -->
>     <Property name="dataSource">jdbc/WSO2CarbonDB</Property>
> </Configuration>
>
> <UserStoreManager class="org.wso2.carbon.user.core.ldap.ActiveDirectoryUserStoreManager">
>     <Property name="TenantManager">org.wso2.carbon.user.core.tenant.CommonHybridLDAPTenantManager</Property>
>     <Property name="defaultRealmName">LOLC.com</Property>
>     <Property name="Disabled">false</Property>
>     <Property name="kdcEnabled">false</Property>
>     <Property name="ConnectionURL">ldap://lolcpdc.lolc.com:389</Property>
>     <Property name="ConnectionName">CN=FusionUsr,OU=IT Service Accounts,DC=LOLC,DC=com</Property>
>     <Property name="ConnectionPassword">Fu$@1234</Property>
>     <Property name="passwordHashMethod">PLAIN_TEXT</Property>
>     <Property name="UserSearchBase">DC=LOLC,DC=com</Property>
>     <Property name="UserEntryObjectClass">user</Property>
>     <Property name="UserNameAttribute">sAMAccountName</Property>
>     <Property name="isADLDSRole">false</Property>
>     <Property name="userAccountControl">512</Property>
>     <Property name="UserNameListFilter">(objectClass=user)</Property>
>     <Property name="UserNameSearchFilter">(&amp;(objectClass=user)(cn=?))</Property>
>     <Property name="UsernameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
>     <Property name="UsernameJavaScriptRegEx">^[\S]{3,30}$</Property>
>     <Property name="PasswordJavaScriptRegEx">^[\S]{5,30}$</Property>
>     <Property name="RolenameJavaScriptRegEx">^[\S]{3,30}$</Property>
>     <Property name="RolenameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
>     <Property name="ReadGroups">true</Property>
>     <Property name="WriteGroups">true</Property>
>     <Property name="EmptyRolesAllowed">true</Property>
>     <Property name="GroupSearchBase">DC=LOLC,DC=com</Property>
>     <Property name="GroupEntryObjectClass">group</Property>
>     <Property name="GroupNameAttribute">cn</Property>
>     <Property name="SharedGroupNameAttribute">cn</Property>
>     <Property name="SharedGroupSearchBase">ou=SharedGroups,dc=wso2,dc=org</Property>
>     <Property name="SharedGroupEntryObjectClass">groups</Property>
>     <Property name="SharedTenantNameListFilter">(object=organizationalUnit)</Property>
>     <Property name="SharedTenantNameAttribute">ou</Property>
>     <Property name="SharedTenantObjectClass">organizationalUnit</Property>
>     <Property name="MembershipAttribute">member</Property>
>     <Property name="GroupNameListFilter">(objectcategory=group)</Property>
>     <Property name="GroupNameSearchFilter">(&amp;(objectClass=group)(cn=?))</Property>
>     <Property name="UserRolesCacheEnabled">true</Property>
>     <Property name="Referral">follow</Property>
>     <Property name="BackLinksEnabled">true</Property>
>     <Property name="MaxRoleNameListLength">100</Property>
>     <Property name="MaxUserNameListLength">100</Property>
>     <Property name="SCIMEnabled">false</Property>
> </UserStoreManager>
>
>
>
> Regards,
>
> Akila
>
> This message (including any attachments) is intended only for the use of
> the individual or entity to which it is addressed and may contain
> information that is non-public, proprietary, privileged, confidential, and
> exempt from disclosure under applicable law or may constitute as attorney
> work product. If you are not the intended recipient, you are hereby
> notified that any use, dissemination, distribution, or copying of this
> communication is strictly prohibited. If you have received this
> communication in error, notify us immediately by telephone and (i) destroy
> this message if a facsimile or (ii) delete this message immediately if this
> is an electronic communication. Thank you.
>
>
> _______________________________________________
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>
>
>
>
> --
>
> *Godwin Amila Shrimal*
> Senior Software Engineer
> WSO2 Inc.; http://wso2.com
> lean.enterprise.middleware
>
> mobile: +94772264165
>
> linkedin: http://lnkd.in/KUum6D
>
> twitter: https://twitter.com/godwinamila
>
>
>
>
>
>
>
>
>
>
> --
>
>
> *Dinesh J. Weerakkody*
>
> Software Engineer
>
> WSO2 Inc.
> lean | enterprise | middleware
> M : +94 727 361788 | E : dine...@wso2.com | W : www.wso2.com
>
>
>


-- 
Thanks and Regards,
*Shani Ranasinghe*
Software Engineer
WSO2 Inc.; http://wso2.com
lean.enterprise.middleware

mobile: +94 77 2273555
linked in: lk.linkedin.com/pub/shani-ranasinghe/34/111/ab
_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
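
The mismatch raised at the top of this thread can be checked mechanically. The following is an added example, not part of the original messages and not WSO2 code: it parses a UserStoreManager block and reports when the attribute that UserNameSearchFilter compares against its "?" placeholder differs from UserNameAttribute. The function names are hypothetical, the sample is a trimmed copy of the configuration quoted above, and it assumes "?" marks where the login name is substituted.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample: a trimmed copy of the UserStoreManager block quoted in
# this thread, keeping only the properties the check needs.
SAMPLE_FROM_THREAD = """
<UserStoreManager class="org.wso2.carbon.user.core.ldap.ActiveDirectoryUserStoreManager">
  <Property name="UserEntryObjectClass">user</Property>
  <Property name="UserNameAttribute">sAMAccountName</Property>
  <Property name="UserNameListFilter">(objectClass=user)</Property>
  <Property name="UserNameSearchFilter">(&amp;(objectClass=user)(cn=?))</Property>
</UserStoreManager>
"""

# An LDAP filter term of the form (attr=?); assumption: "?" is the slot the
# login name is substituted into.
PLACEHOLDER_TERM = re.compile(r"\(\s*([A-Za-z][A-Za-z0-9;.-]*)\s*=\s*\?\s*\)")


def load_properties(xml_text):
    """Return {property name: text} for one UserStoreManager element."""
    root = ET.fromstring(xml_text)
    return {p.get("name"): (p.text or "").strip() for p in root.iter("Property")}


def placeholder_attributes(search_filter):
    """Attributes the filter compares against the '?' placeholder."""
    return PLACEHOLDER_TERM.findall(search_filter)


def check_username_mapping(xml_text):
    """Return a list of findings; an empty list means the two properties agree."""
    props = load_properties(xml_text)
    name_attr = props.get("UserNameAttribute")
    search_filter = props.get("UserNameSearchFilter")
    if not name_attr or not search_filter:
        return ["UserNameAttribute or UserNameSearchFilter is missing"]
    attrs = placeholder_attributes(search_filter)
    if not attrs:
        return ["UserNameSearchFilter has no (attribute=?) term: " + search_filter]
    # LDAP attribute names are case-insensitive, so compare lower-cased.
    return [
        f"UserNameSearchFilter matches on '{a}' but UserNameAttribute is '{name_attr}'"
        for a in attrs if a.lower() != name_attr.lower()
    ]


if __name__ == "__main__":
    for finding in check_username_mapping(SAMPLE_FROM_THREAD) or ["consistent"]:
        print(finding)
```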
