I'm running DSpace 5.2 and am attempting to enable LDAP authentication with our
Active Directory. I've been fighting this issue for a couple of weeks now, and
cannot get authentication to work. Below are the contents of my
authentication.cfg and authentication-ldap.cfg files as well as the log result
of the login attempts from the dspace.log file.

I'm not sure if there is something obvious that I have wrong or not. Are there
any specifics that have to be set for Active Directory setups?

Thanks for any help!

The directory structure is set up like this:

                    dc=relligar,dc=edu
                  _/         |         \_
             _/              |              \_
         /                   |                    \
ou=Staff Accounts   ou=Faculty Accounts   ou=Student Accounts
|
|
cn=Jones, Jimmy K.
...
dspace.log.2015-07-14
---------------------
...
2015-07-14 16:58:23,295 INFO org.dspace.authenticate.PasswordAuthentication @
anonymous:session_id=E1BE13484E845DE6361AFB660E6307FD:ip_addr=172.0.0.1:authenticate:attempting
password auth of user=krbelcher
2015-07-14 16:58:23,358 INFO org.dspace.authenticate.LDAPAuthentication @
anonymous:session_id=E1BE13484E845DE6361AFB660E6307FD:ip_addr=172.0.0.1:auth:attempting
trivial auth of user=krbelcher
2015-07-14 16:58:23,654 WARN org.dspace.authenticate.LDAPAuthentication @
anonymous:session_id=E1BE13484E845DE6361AFB660E6307FD:ip_addr=172.0.0.1:ldap_authentication:type=failed_auth
javax.naming.AuthenticationException: [LDAP: error code 49 -
80090308: LdapErr: DSID-0C0903A9, comment:
AcceptSecurityContext error, data 52e, v1db1 ]
2015-07-14 16:58:23,654 INFO org.dspace.authenticate.LDAPAuthentication @
anonymous:session_id=E1BE13484E845DE6361AFB660E6307FD:ip_addr=172.0.0.1:failed_login:no
DN found for user krbelcher
2015-07-14 16:58:23,654 INFO org.dspace.app.xmlui.utils.AuthenticationUtil @
anonymous:session_id=E1BE13484E845DE6361AFB660E6307FD:ip_addr=172.0.0.1:failed_login:email=krbelcher,
realm=null, result=2
2015-07-14 16:58:29,764 INFO org.dspace.authenticate.PasswordAuthentication @
anonymous:session_id=E1BE13484E845DE6361AFB660E6307FD:ip_addr=172.0.0.1:authenticate:attempting
password auth of user=krbelcher
2015-07-14 16:58:29,764 INFO org.dspace.authenticate.LDAPAuthentication @
anonymous:session_id=E1BE13484E845DE6361AFB660E6307FD:ip_addr=172.0.0.1:auth:attempting
trivial auth of user=krbelcher
2015-07-14 16:58:30,076 WARN org.dspace.authenticate.LDAPAuthentication @
anonymous:session_id=E1BE13484E845DE6361AFB660E6307FD:ip_addr=172.0.0.1:ldap_authentication:type=failed_auth
javax.naming.AuthenticationException: [LDAP: error code 49 -
80090308: LdapErr: DSID-0C0903A9, comment:
AcceptSecurityContext error, data 52e, v1db1 ]
2015-07-14 16:58:30,076 INFO org.dspace.authenticate.LDAPAuthentication @
anonymous:session_id=E1BE13484E845DE6361AFB660E6307FD:ip_addr=172.0.0.1:failed_login:no
DN found for user krbelcher
2015-07-14 16:58:30,076 INFO org.dspace.app.xmlui.utils.AuthenticationUtil @
anonymous:session_id=E1BE13484E845DE6361AFB660E6307FD:ip_addr=172.0.0.1:failed_login:email=krbelcher,
realm=null, result=2

authentication.cfg
------------------
plugin.sequence.org.dspace.authenticate.AuthenticationMethod = \
org.dspace.authenticate.PasswordAuthentication, \
org.dspace.authenticate.LDAPAuthentication

authentication-ldap.cfg
-----------------------
enable = true
autoregister = true
provider_url = ldaps://172.0.0.1:636/
id_field = sAMAccountName
object_context =
search_context = dc=relligar,dc=edu
email_field = mail
surname_field = sn
givenname_field = givenName
phone_field = telephoneNumber
search_scope = 2
search.anonymous = false
search.user = cn=Binder\, DSpace,cn=Users,dc=relligar,dc=edu
search.password = secret
netid_email_domain = @relligar.edu
--
David Baker
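
Added example (not part of the original post, and not DSpace code): Active Directory reports the reason for an LDAP error 49 as a hex Windows logon status in the "data" field, so the WARN entries above can be decoded mechanically. The sketch below rejoins mail-wrapped log entries and maps the sub-code; the function names and the sample text (session id shortened to X) are constructed for illustration.

```python
import re

# AD puts a hex Windows logon status in the "data" field of an LDAP error 49.
AD_SUBCODES = {
    "525": "user not found",
    "52e": "invalid credentials (wrong DN/username or password)",
    "530": "logon not permitted at this time",
    "531": "logon not permitted from this workstation",
    "532": "password expired",
    "533": "account disabled",
    "701": "account expired",
    "773": "user must reset password",
    "775": "account locked out",
}

LDAP_ERR = re.compile(r"LDAP: error code (\d+)\b.*?\bdata ([0-9a-fA-F]+)\b", re.S)
ENTRY_START = re.compile(r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2},\d{3} ", re.M)

def split_entries(text):
    """Rejoin wrapped lines: an entry runs from one timestamp to the next."""
    starts = [m.start() for m in ENTRY_START.finditer(text)]
    ends = starts[1:] + [len(text)]
    return [" ".join(text[a:b].split()) for a, b in zip(starts, ends)]

def decode_bind_failures(text):
    """Return (timestamp, ldap_code, subcode, meaning) per LDAP bind error."""
    out = []
    for entry in split_entries(text):
        m = LDAP_ERR.search(entry)
        if m:
            sub = m.group(2).lower()
            out.append((entry[:23], int(m.group(1)), sub,
                        AD_SUBCODES.get(sub, "unknown sub-code")))
    return out

# Constructed sample: two entries shaped like the dspace.log excerpt above.
SAMPLE = """2015-07-14 16:58:23,358 INFO org.dspace.authenticate.LDAPAuthentication @
anonymous:session_id=X:ip_addr=172.0.0.1:auth:attempting
trivial auth of user=krbelcher
2015-07-14 16:58:23,654 WARN org.dspace.authenticate.LDAPAuthentication @
anonymous:session_id=X:ip_addr=172.0.0.1:ldap_authentication:type=failed_auth
javax.naming.AuthenticationException: [LDAP: error code 49 -
80090308: LdapErr: DSID-0C0903A9, comment:
AcceptSecurityContext error, data 52e, v1db1 ]
"""

if __name__ == "__main__":
    for row in decode_bind_failures(SAMPLE):
        print(*row, sep=" | ")
```

The decoder only reports what the directory server returned; it does not tell which bind (the search.user bind or the end user's own bind) produced the error.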
_______________________________________________
DSpace-tech mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/dspace-tech
List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette