>-----Original Message----- >From: S.V. [mailto:svku...@googlemail.com] >Subject: Tomcat 6.0.18 JNDIRealm ConnectException: Connection timed out > > userBase="DC=host,DC=de" >
I had this same problem. It depends on where your users are located in AD and how large the tree is. This is probably not the right way to do it, but I limited the roleBase and userBase to specific nodes. <Realm className="org.apache.catalina.realm.JNDIRealm" connectionURL="ldap://url:389" connectionName="CN=ad_user_account,OU=Service Accounts,OU=PLANDEV Dept,DC=plandev,DC=maricopa,DC=gov" connectionPassword="***" roleBase="OU=Groups,OU=PLANDEV Dept,DC=plandev,DC=maricopa,DC=gov" roleSubtree="true" roleName="cn" roleSearch="(member={0})" userBase="OU=PLANDEV Dept,DC=plandev,DC=maricopa,DC=gov" userSearch="(&(objectCategory=person)(sAMAccountName={0}))" userSubtree="true" userRoleName="memberOf" /> --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org