You don't need the admin password, you do need a domain account that has read
permissions.....just about any account will do this....create a test
account.....and use that instead of the admin account......
 


-----Original Message-----
From: Hart, Justin [mailto:[EMAIL PROTECTED] 
Sent: Monday, November 03, 2003 4:18 PM
To: Tomcat Users List
Subject: RE: JNDIRealm...more

Is there a way to do this without the admin password in the file?

What is sAMAccountName?

Also, not terribly versed in LDAP, what is "My OU"?

Justin

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Monday, November 03, 2003 4:16 PM
To: [EMAIL PROTECTED]
Subject: RE: JNDIRealm...more


Here's what I have......this works for me....hope this helps....

        <Realm className="org.apache.catalina.realm.JNDIRealm"
                debug="99"
                connectionURL="ldap://[domain controller]:389"
                userBase="OU=Users,OU=[My OU],DC=[Domain],DC=com"
                userSearch="(sAMAccountName={0})"
                userRoleName="member"
                roleBase="OU=Users,OU=[my OU],DC=[Domain],DC=com"
                roleName="memberOf"
                roleSearch="(memberOf=CN=tomcat,CN=Users,DC=[Domain],DC=com)"
                connectionName="CN=Administrator,CN=Users,DC=[Domain],DC=com"
                connectionPassword="[password]"
                roleSubtree="true"
                userSubtree="true"/>

-----Original Message-----
From: Hart, Justin [mailto:[EMAIL PROTECTED] 
Sent: Monday, November 03, 2003 12:57 PM
To: Tomcat Users List
Subject: JNDIRealm...more

My server.xml now looks like this :


<Realm className="org.apache.catalina.realm.JNDIRealm" debug="99"
                connectionURL="A good active directory server"
                userBase="dc=MY DOMAIN NAME,dc=com"
                userRoleName="member"
                roleName="cn"
                roleSearch="(userPrincipalName={0})"
                roleSubtree="false"
                userSubtree="false"
                referrals="follow"
                />

Reading through the log shows no errors, just that the realm is opening and
closing connections with my LDAP server, after 3 tries, it tells me that I
need to use http authentication.

What's going wrong here?

Justin

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
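
The advice at the top of this thread, to bind with an ordinary read-only account rather than Administrator, can be checked mechanically. The following is an added example, not code from the thread or from Tomcat: a Python check over a constructed server.xml that flags JNDIRealm elements binding as a privileged account or sending the bind password over unencrypted LDAP. The host name, OU names and the svc-tomcat-ldap account are assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the first realm mirrors the thread's configuration, the
# second uses a hypothetical read-only account (svc-tomcat-ldap) over LDAPS.
SAMPLE_SERVER_XML = """\
<Server>
  <Realm className="org.apache.catalina.realm.JNDIRealm"
         connectionURL="ldap://dc01.example.com:389"
         userBase="OU=Users,OU=Sales,DC=example,DC=com"
         connectionName="CN=Administrator,CN=Users,DC=example,DC=com"
         connectionPassword="placeholder"/>
  <Realm className="org.apache.catalina.realm.JNDIRealm"
         connectionURL="ldaps://dc01.example.com:636"
         userBase="OU=Users,OU=Sales,DC=example,DC=com"
         connectionName="CN=svc-tomcat-ldap,OU=Service Accounts,DC=example,DC=com"
         connectionPassword="placeholder"/>
</Server>
"""

# Assumption: account names treated as privileged; extend for your directory.
PRIVILEGED_NAMES = {"administrator"}

def audit_realms(server_xml):
    """Return {realm_index: [finding, ...]} for each JNDIRealm in server_xml."""
    root = ET.fromstring(server_xml)
    realms = [r for r in root.iter("Realm")
              if r.get("className", "").endswith(".JNDIRealm")]
    report = {}
    for index, realm in enumerate(realms):
        findings = []
        bind_dn = realm.get("connectionName")
        if bind_dn is None:
            # Without connectionName the realm searches over an anonymous bind.
            findings.append("anonymous-bind")
        else:
            # Left-most RDN value of the bind DN, e.g. "administrator".
            account = bind_dn.split(",")[0].partition("=")[2].strip().lower()
            if account in PRIVILEGED_NAMES:
                findings.append("privileged-bind-account")
        url = realm.get("connectionURL", "").strip().lower()
        start_tls = realm.get("useStartTls", "false").lower() == "true"
        if url.startswith("ldap://") and not start_tls:
            # Simple bind over plain LDAP sends connectionPassword unencrypted.
            findings.append("cleartext-ldap")
        report[index] = findings
    return report

if __name__ == "__main__":
    for index, findings in audit_realms(SAMPLE_SERVER_XML).items():
        print(index, findings or "ok")
```

The account-name match only inspects the left-most RDN of the bind DN, so it does not detect a renamed administrator account or one that is privileged through group membership.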


