Indeed this worked way better, thanks!
On Wednesday, June 21, 2023 at 19:04:44 UTC+2, Jason Everling wrote:
From: cas-...@apereo.org On Behalf Of Jason Everling
Sent: Wednesday, June 21, 2023 10:59 AM
To: CAS Community
Cc: Ray Bon ; dfisher
Subject: [EXT] Re: [cas-user] CAS 6.6.8 - Authenticate using AD
Try authenticated type instead,
```
cas.authn.ldap[0].type=AUTHENTICATED
# Can be UPN format as well instead of full DN
cas.authn.ldap[0].bindDn=YOUR_BIND_DN
cas.authn.ldap[0].bindCredential=YOUR_BIND_PASSWORD
```
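The two bind modes discussed in this thread, side by side, as an added illustration (not a configuration posted by any participant). The host name, base DN, domain suffix and service account are placeholders, and every property other than `type`, `bindDn` and `bindCredential` is a standard CAS LDAP setting assumed here rather than taken from the thread.

```properties
# --- Variant 1: type=AD (direct bind), shown commented out -----------------
# CAS formats the submitted login name with dnFormat and binds to the
# directory as that user. No service account is involved, so a wrong
# dnFormat surfaces on the AD side as a failed user bind.
#cas.authn.ldap[0].type=AD
#cas.authn.ldap[0].dnFormat=%s@example.org

# --- Variant 2: type=AUTHENTICATED (search, then bind) ----------------------
# CAS first binds with a service account, searches baseDn for the entry
# matching searchFilter, then binds as the DN it found using the password
# the user typed.
cas.authn.ldap[0].type=AUTHENTICATED
# Placeholder service account: read-only, no interactive logon rights.
# UPN form (user@domain) or a full DN.
cas.authn.ldap[0].bindDn=svc-cas@example.org
cas.authn.ldap[0].bindCredential=YOUR_BIND_PASSWORD

# --- Settings common to both variants (placeholder values) ------------------
# LDAPS so that neither the service account password nor user passwords
# cross the network in clear text.
cas.authn.ldap[0].ldapUrl=ldaps://ad.example.org:636
cas.authn.ldap[0].baseDn=OU=Users,DC=example,DC=org
cas.authn.ldap[0].searchFilter=(sAMAccountName={user})
```

Only one `type` line may be active at a time. With the second variant, keep `bindCredential` out of version control and restrict read access to the file.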
On Wednesday, June 21, 2023 at 9:42:15 AM UTC-5 Ray Bon wrote:
Jérémie,
'Unknown user name or bad password.'
Suggests that this is an issue on AD side.
See https://fawnoos.com/2022/11/24/cas70x-azure-active-directory/ or this older
one https://fawnoos.com/2017/11/22/cas-saml-integration-adfs/
Ray
On Mon, 2023-06-19 at 00:41 -0700, Jérémie wrote:
All logs were already set to DEBUG.
I don't think firewall rules are causing the issue here as I'm reaching the
AD.
Tomcat stdout logs:
```
2023-06-19 07:32:52,281 INFO [org.apereo.cas.authentication.DefaultAuthenticationManager] - <[LdapAuthenticationHandler] exception details:
```
On Fri, Jun 16, 2023 at 5:56 AM Jérémie wrote:
> Thanks for the logger, I've added it at the end of the log4j2 file and set
> the level to *debug*
>
You'll probably get a more complete picture if you set all of
`org.ldaptive` to DEBUG.
Jérémie,
I did some testing and the ldaptive loggers are not nearly as useful as I
thought they would be.
This logger at debug or trace may provide a little more detail:
It shows the error message in your email:
2023-06-16 09:12:59,430 INFO
Hi,
Thanks for the logger, I've added it at the end of the log4j2 file and set
the level to *debug*.
Here is my error log now (debug logs don't seem to give much more
information):
```
2023-06-16 09:12:06,090 INFO [org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - <[0]
```
Jérémie,
Here are some loggers for cas ldap:
Make sure you can authenticate / find the user from another application (I do
not know what tools are available for AD).
Check your AD logs to see what it thinks the problem is.
Ray
On Thu, 2023-06-15 at 05:19 -0700, Jérémie wrote:
I've set up a CAS 6.6.8 and an Active Directory on the same server for test
purposes.
I can't authenticate to my AD using an account. It seems that CAS cannot
find the user inside the AD.
Here is my cas.properties file (AD section):
```
# Active Directory
cas.authn.ldap[0].type=AD
```