Yes, I verified that they are the same. On Wed, Jul 12, 2017 at 7:22 PM, Shannon Meisenheimer <meisenhei...@ucmo.edu > wrote:
> Are you sure the cn and samAccountName match for that user? > > Shannon > > Sent from my iPhone > > On Jul 12, 2017, at 3:55 PM, Tim Cullings <tim.culli...@gmail.com> wrote: > > I have been tasked with setting up DSpace in my environment and getting it > working with LDAP for user authentication. > > I've gone through every article on the site, tried every combination of > settings in the authentication-ldap.cfg file and can't seem to get it to > work. The only error I receive is: > > ldap_authentication:type=failed_auth > javax.naming.AuthenticationException\colon; > [LDAP\colon; error code 49 - 80090308\colon; LdapErr\colon; DSID-0C0903D9, > comment\colon; AcceptSecurityContext error, data 52e, v2580 ] > > Running DSPACE 5 on Windows Server 2012 R2 > > Here are my settings: > > authentication-ldap.enable = true > authentication-ldap.autoregister = true > authentication-ldap.provider_url = ldap://ldap.domain.com:389 > authentication-ldap.id_field = sAMAcoountName > authentication-ldap.object_context = dc=domain,dc=com > authentication-ldap.search_context = dc=domain,dc=com > authentication-ldap.email_field = mail > authentication-ldap.surname_field = sn > authentication-ldap.givenname_field = givenName > authentication-ldap.search_scope = 2 > #authentication-ldap.search.anonymous = false > authentication-ldap.search.user = cn=user,ou=someou,dc=domain,dc=com > authentication-ldap.search.password = password > > I used an LDAP browsing tool from the server with the service account I am > attempting to use for Dspace and was able to run queries with it against > our AD server. I also used ldapsearch on a UNIX box and the specified > credentials and that worked as well so I am fairly certain the issue is > with Dspace. Domain users reside in multiple OUs that are one level down > from the root for example, cn=user1,ou=Contractors,dc=domain,dc=com and > so on for FTEs, vendors and other types of employees. > > -- > You received this message because you are subscribed to the Google Groups > "DSpace Technical Support" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to dspace-tech+unsubscr...@googlegroups.com. > To post to this group, send email to dspace-tech@googlegroups.com. > Visit this group at https://groups.google.com/group/dspace-tech. > For more options, visit https://groups.google.com/d/optout. > > -- You received this message because you are subscribed to the Google Groups "DSpace Technical Support" group. To unsubscribe from this group and stop receiving emails from it, send an email to dspace-tech+unsubscr...@googlegroups.com. To post to this group, send email to dspace-tech@googlegroups.com. Visit this group at https://groups.google.com/group/dspace-tech. For more options, visit https://groups.google.com/d/optout.
