I'm using the latest version:
Version: 2.0.0.v20210717-M17
I was able to make it work by changing this section:
*dn: cn=Meissa SAKHO+uid=msakho,ou=Users,dc=example,dc=com
objectClass: organizationalPerson
objectClass: person
objectClass: inetOrgPerson
objectClass: top
cn: meissa sakho
sn: sakho
title: cn=Administrator,ou=Groups,dc=example,dc=com
uid: msakho
userpassword: meissa*
*
*
*with this section:*
dn: cn=Meissa SAKHO,ou=Users,dc=example,dc=com
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
objectclass: top
cn: Meissa SAKHO
description: Capt. Meissa SAKHO, R.N
givenname: Meissa
sn: Sakho
uid: msakho
mail: msa...@redhat.com <mailto:msa...@redhat.com>
userpassword: meissa*
*
The difference between the two is in the cn.
The first version worked once. I've borrowed it from this article[1]
written by one of my colleagues.
It seems like there are some differences.
[1]=https://urldefense.proofpoint.com/v2/url?u=https-3A__developers.redhat.com_blog_2018_09_21_setup-2Dldap-2Dauth-2Damq-2Dconsole-23&d=DwIDaQ&c=eLbWYnpnzycBCgmb7vCI4uqNEB9RSjOdn_5nBEmmeq0&r=Pa2DB88IW_s2TyLfktHtWA&m=18v0l4oU4DKQ7FmlB99aAPZBhJ_vU0z6nRnh1dS2_8c&s=Dn5z0Fep2ece_GfHn192tX9s8ttmCOPevpID9LHt6hI&e=
<https://urldefense.proofpoint.com/v2/url?u=https-3A__developers.redhat.com_blog_2018_09_21_setup-2Dldap-2Dauth-2Damq-2Dconsole-23&d=DwIDaQ&c=eLbWYnpnzycBCgmb7vCI4uqNEB9RSjOdn_5nBEmmeq0&r=Pa2DB88IW_s2TyLfktHtWA&m=18v0l4oU4DKQ7FmlB99aAPZBhJ_vU0z6nRnh1dS2_8c&s=Dn5z0Fep2ece_GfHn192tX9s8ttmCOPevpID9LHt6hI&e=
>
Le sam. 13 nov. 2021 à 19:51, Emmanuel Lécharny <elecha...@gmail.com
<mailto:elecha...@gmail.com>> a écrit :
Thanks.
Will do a test with the data you've provided.
Which is the LDAP DS version you are using ?
On 12/11/2021 08:55, Meissa Sakho wrote:
> Hi Emmanuel,
> below is the complete ldif and in bold the corresponding user
whose
> password (uid=msakho, password=meissa) is in clear:
> version: 1
>
> dn: dc=example,dc=com
> objectclass: top
> objectclass: domain
> dc: example
>
> dn: ou=Groups,dc=example,dc=com
> objectClass: organizationalUnit
> objectClass: top
> ou: Groups
>
>
> dn: ou=Users,dc=example,dc=com
> objectClass: organizationalUnit
> objectClass: top
> ou: Users
>
>
> dn: cn=Administrator,ou=Groups,dc=example,dc=com
> objectClass: groupOfNames
> objectClass: top
> cn: Administrator
> member: cn=John+sn=Doe+uid=jdoe,ou=Users,dc=example,dc=com
> member: cn=Elvadas NONO,ou=Users,dc=example,dc=com
>
> dn: cn=AMQGroup,ou=Groups,dc=example,dc=com
> objectClass: groupOfNames
> objectClass: top
> cn: AMQGroup
> member: cn=Elvadas
Nono+sn=WOGUIA+uid=nelvadas,ou=Users,dc=example,dc=com
> member: cn=John+sn=Doe+uid=jdoe,ou=Users,dc=example,dc=com
> member: cn=Meissa+sn=Sakho+uid=msakho,ou=Users,dc=example,dc=com
>
> dn: cn=John+sn=Doe+uid=jdoe,ou=Users,dc=example,dc=com
> objectClass: organizationalPerson
> objectClass: person
> objectClass: inetOrgPerson
> objectClass: top
> cn: John
> sn: Doe
> title: cn=Administrator,ou=Groups,dc=example,dc=com
> uid: jdoe
> userPassword: redhat
>
>
> dn: cn=Elvadas NONO+uid=enonowoguia,ou=Users,dc=example,dc=com
> objectClass: organizationalPerson
> objectClass: person
> objectClass: inetOrgPerson
> objectClass: top
> cn: elvadas nono
> sn: Woguia
> title: cn=Administrator,ou=Groups,dc=example,dc=com
> uid: enonowoguia
> userpassword::
e1NTSEF9dlMzVU95V1Bnek9JMUhreG5IV290My9jS0NxZWlGNmlDSlh1SEE9P
> Q==
>
> *dn: cn=Meissa SAKHO+uid=msakho,ou=Users,dc=example,dc=com
> objectClass: organizationalPerson
> objectClass: person
> objectClass: inetOrgPerson
> objectClass: top
> cn: meissa sakho
> sn: sakho
> title: cn=Administrator,ou=Groups,dc=example,dc=com
> uid: msakho
> userpassword: meissa
> *
> *
> *
> Thanks
>
> Le ven. 12 nov. 2021 à 04:03, Emmanuel Lécharny
<elecha...@gmail.com <mailto:elecha...@gmail.com>
> <mailto:elecha...@gmail.com <mailto:elecha...@gmail.com>>> a
écrit :
>
> Hi,
>
> can you provide the entry associated to this user (with
password
> redacted, of course)?
>
> Thanks !
>
> On 11/11/2021 18:53, Meissa Sakho wrote:
> > Hello everyone,
> > I'm trying to connect to my Ldap DS server from ActiveMq .
> > The connection setting is configured via a login.config
file like
> below:
> > activemq {
> >
> >
org.apache.activemq.artemis.spi.core.security.jaas.LDAPLoginModule
> > required
> > debug=true
> > initialContextFactory=com.sun.jndi.ldap.LdapCtxFactory
> > connectionURL="ldap://localhost:10389"
> > connectionUsername="uid=admin,ou=system"
> > connectionPassword=secret
> > connectionProtocol=s
> > authentication=simple
> > userBase="ou=Users,dc=example,dc=com"
> > userSearchMatching="(uid={0})"
> > userSearchSubtree=true
> > roleBase="ou=Groups,dc=example,dc=com"
> > roleName=cn
> > roleSearchMatching="(member={0})"
> > roleSearchSubtree=false
> > reload=true
> > ;
> >
> > };
> > I've imported a sample ldiff file and double checked that
every user
> > connection is correct.
> > When I try to get connected via the ActiveMq admin
console, I'm
> getting a
> > login failed error message because of a password that does
not match.
> >
> > 2021-11-11 18:38:29,436 DEBUG
> >
>
[org.apache.activemq.artemis.spi.core.security.jaas.LDAPLoginModule]
> LDAP
> > returned a relative name: cn=Meissa
SAKHO+uid=msakho,ou=Users
> >
> > 2021-11-11 18:38:29,436 DEBUG
> >
>
[org.apache.activemq.artemis.spi.core.security.jaas.LDAPLoginModule]
> Using
> > DN [cn=Meissa
SAKHO+uid=msakho,ou=Users,dc=example,dc=com] for
> binding.
> >
> > 2021-11-11 18:38:29,436 DEBUG
> >
[org.apache.activemq.artemis.spi.core.security.jaas.LDAPLoginModule]
> > Binding the user.
> >
> > 2021-11-11 18:38:29,438 DEBUG
> >
[org.apache.activemq.artemis.spi.core.security.jaas.LDAPLoginModule]
> > Authentication failed for dn=cn=Meissa
> > SAKHO+uid=msakho,ou=Users,dc=example,dc=com
> >
> > WARN | qtp2029780820-35 | Login failed due to: Password
does not
> match for
> > user: msakh
> > When I check the password test connection via the DS
Studio, it
> works fine.
> > I don't know what's wrong and where.
> > Any idea?
> >
>
> --
> *Emmanuel Lécharny - CTO* 205 Promenade des Anglais –
06200 NICE
> T. +33 (0)4 89 97 36 50
> P. +33 (0)6 08 33 32 61
> emmanuel.lecha...@busit.com <mailto:emmanuel.lecha...@busit.com>
<mailto:emmanuel.lecha...@busit.com
<mailto:emmanuel.lecha...@busit.com>>
>
https://urldefense.proofpoint.com/v2/url?u=https-3A__www.busit.com_&d=DwIDaQ&c=eLbWYnpnzycBCgmb7vCI4uqNEB9RSjOdn_5nBEmmeq0&r=Pa2DB88IW_s2TyLfktHtWA&m=18v0l4oU4DKQ7FmlB99aAPZBhJ_vU0z6nRnh1dS2_8c&s=yb7kN1ISQOYIJPyK7vA1SvBKORzq-YzFAtU4pMuScAo&e=
<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.busit.com_&d=DwIDaQ&c=eLbWYnpnzycBCgmb7vCI4uqNEB9RSjOdn_5nBEmmeq0&r=Pa2DB88IW_s2TyLfktHtWA&m=18v0l4oU4DKQ7FmlB99aAPZBhJ_vU0z6nRnh1dS2_8c&s=yb7kN1ISQOYIJPyK7vA1SvBKORzq-YzFAtU4pMuScAo&e=
>
<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.busit.com_&d=DwIDaQ&c=eLbWYnpnzycBCgmb7vCI4uqNEB9RSjOdn_5nBEmmeq0&r=Pa2DB88IW_s2TyLfktHtWA&m=18v0l4oU4DKQ7FmlB99aAPZBhJ_vU0z6nRnh1dS2_8c&s=yb7kN1ISQOYIJPyK7vA1SvBKORzq-YzFAtU4pMuScAo&e=
<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.busit.com_&d=DwIDaQ&c=eLbWYnpnzycBCgmb7vCI4uqNEB9RSjOdn_5nBEmmeq0&r=Pa2DB88IW_s2TyLfktHtWA&m=18v0l4oU4DKQ7FmlB99aAPZBhJ_vU0z6nRnh1dS2_8c&s=yb7kN1ISQOYIJPyK7vA1SvBKORzq-YzFAtU4pMuScAo&e=
>>
>
>
---------------------------------------------------------------------
> To unsubscribe, e-mail:
users-unsubscr...@directory.apache.org
<mailto:users-unsubscr...@directory.apache.org>
> <mailto:users-unsubscr...@directory.apache.org
<mailto:users-unsubscr...@directory.apache.org>>
> For additional commands, e-mail:
users-h...@directory.apache.org <mailto:users-h...@directory.apache.org>
> <mailto:users-h...@directory.apache.org
<mailto:users-h...@directory.apache.org>>
>
--
*Emmanuel Lécharny - CTO* 205 Promenade des Anglais – 06200 NICE
T. +33 (0)4 89 97 36 50
P. +33 (0)6 08 33 32 61
emmanuel.lecha...@busit.com <mailto:emmanuel.lecha...@busit.com>
https://urldefense.proofpoint.com/v2/url?u=https-3A__www.busit.com_&d=DwIDaQ&c=eLbWYnpnzycBCgmb7vCI4uqNEB9RSjOdn_5nBEmmeq0&r=Pa2DB88IW_s2TyLfktHtWA&m=18v0l4oU4DKQ7FmlB99aAPZBhJ_vU0z6nRnh1dS2_8c&s=yb7kN1ISQOYIJPyK7vA1SvBKORzq-YzFAtU4pMuScAo&e=
<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.busit.com_&d=DwIDaQ&c=eLbWYnpnzycBCgmb7vCI4uqNEB9RSjOdn_5nBEmmeq0&r=Pa2DB88IW_s2TyLfktHtWA&m=18v0l4oU4DKQ7FmlB99aAPZBhJ_vU0z6nRnh1dS2_8c&s=yb7kN1ISQOYIJPyK7vA1SvBKORzq-YzFAtU4pMuScAo&e=
>