I'm trying to get a JNDI Realm working as one might expect with Active
Directory.

Tomcat 5.5.20
Java 1.5.06
Windows 2000 Server

The basic issue is that searching from a domain root "dc=company,dc=com" and
using userSubtree="true" results in:

Oct 31, 2006 3:18:20 PM org.apache.catalina.realm.JNDIRealm authenticate
SEVERE: Exception performing authentication
javax.naming.PartialResultException: Unprocessed Continuation Reference(s);
remaining name 'dc=company,dc=com'

If I use a more specific search base of "ou=Employees,dc=company,dc=com" and
then the userSubtree is irrelevant, it works fine.

Problem is our AD structure demands that users be in two different OUs and
thus the search must be done from the root. I understand that AD does not
handle referrals as expected and that could be contributing.

http://www.mail-archive.com/cas@tp.its.yale.edu/msg00797.html

In this case I suggest adjusting the local hosts file to fool DNS (c:\windows\system32\drivers\etc\hosts). Find out the wrong DNS name in the referral and point that name to your real AD.

-- Velpi
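
An added example, not part of the original messages and not Tomcat code: a Python script for the step the reply describes, pulling the DNS names out of the referral URLs and drafting hosts-file lines for the ones that do not resolve to the real AD server. The referral URLs, the address 192.0.2.10 and all function names are constructed for illustration.

```python
"""Added example: list referral hostnames and draft hosts-file entries."""
import socket
from urllib.parse import urlsplit

# Constructed sample: continuation references of the kind a domain-root
# subtree search can return. Hostnames and the address are placeholders.
SAMPLE_REFERRALS = [
    "ldap://ForestDnsZones.company.com/DC=ForestDnsZones,DC=company,DC=com",
    "ldap://DomainDnsZones.company.com/DC=DomainDnsZones,DC=company,DC=com",
    "ldap://company.com/CN=Configuration,DC=company,DC=com",
]
REAL_AD_ADDRESS = "192.0.2.10"  # placeholder (TEST-NET-1), not from the thread


def referral_hosts(referrals):
    """Return distinct lower-cased hostnames of LDAP referral URLs, in order."""
    hosts = []
    for url in referrals:
        parts = urlsplit(url.strip())
        if parts.scheme not in ("ldap", "ldaps") or not parts.hostname:
            continue  # not a usable LDAP URL
        if parts.hostname not in hosts:
            hosts.append(parts.hostname)
    return hosts


def system_resolver(host):
    """Resolve with the OS resolver; return a set of addresses (empty on failure)."""
    try:
        return {info[4][0] for info in socket.getaddrinfo(host, 389)}
    except socket.gaierror:
        return set()


def hosts_entries(referrals, ad_address, resolve=system_resolver):
    """Draft hosts lines for referral names that do not resolve to ad_address."""
    lines = []
    for host in referral_hosts(referrals):
        if ad_address not in resolve(host):
            lines.append(f"{ad_address}\t{host}")
    return lines


if __name__ == "__main__":
    for line in hosts_entries(SAMPLE_REFERRALS, REAL_AD_ADDRESS):
        print(line)
```

Entries in the hosts file take precedence over DNS and are static, so they have to be updated by hand if the AD server's address changes.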
