Active Directory Configuration

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

Active Directory Configuration

bman-3

Hi all,

I'm pretty new to Artifactory and not very knowledgeable about Active
Directory and I am trying to get them to play nicely together.  Aside from
the 2 required fields of 'Ldap key' and 'Ldap URL', I'm not sure how to
complete the configuration.  The admin that gave me a hand said that
anonymous binding is not allowed, does that affect which settings I use?  It
seems that either a user DN Pattern or Search Filter is to be used, does it
matter which?

With a key, url, and search filter of 'sAMAccountName={0}' testing the ldap
connection results in:
2009-07-29 10:39:40,739 [ERROR] (o.a.s.l.LdapConnectionTester:186) - Error
connecting to the LDAP server: Failed to parse DN; nested exception is
org.springframework.ldap.core.TokenMgrError: Lexical error at line 1, column
6.  Encountered: ":" (58), after : "": Failed to parse DN; nested exception
is org.springframework.ldap.core.TokenMgrError: Lexical error at line 1,
column 6.  Encountered: ":" (58), after : ""

With a key, url, and user DN pattern of 'sAMAccountName={0}' testing the
ldap connection results in the same error.  Changing the DN pattern to
'uid={0},ou=People' results in the same error.

Thanks for any advice you are able to give me!
Barry
--
View this message in context: http://www.nabble.com/Active-Directory-Configuration-tp24722549p24722549.html
Sent from the Artifactory-Users mailing list archive at Nabble.com.


------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now.  http://p.sf.net/sfu/bobj-july
_______________________________________________
Artifactory-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/artifactory-users
Reply | Threaded
Open this post in threaded view
|

Re: Active Directory Configuration

Yoav Landman
Administrator

You will need to use a search filter and specify a manager DN and password to bind with to the server, in order to perform the user search.
This is very similar to the sample given at: http://wiki.jfrog.org/confluence/display/RTF/Authenticating+with+LDAP.

HTH,

Yoav

On Wed, Jul 29, 2009 at 7:15 PM, bman <[hidden email]> wrote:

Hi all,

I'm pretty new to Artifactory and not very knowledgeable about Active
Directory and I am trying to get them to play nicely together.  Aside from
the 2 required fields of 'Ldap key' and 'Ldap URL', I'm not sure how to
complete the configuration.  The admin that gave me a hand said that
anonymous binding is not allowed, does that affect which settings I use?  It
seems that either a user DN Pattern or Search Filter is to be used, does it
matter which?

With a key, url, and search filter of 'sAMAccountName={0}' testing the ldap
connection results in:
2009-07-29 10:39:40,739 [ERROR] (o.a.s.l.LdapConnectionTester:186) - Error
connecting to the LDAP server: Failed to parse DN; nested exception is
org.springframework.ldap.core.TokenMgrError: Lexical error at line 1, column
6.  Encountered: ":" (58), after : "": Failed to parse DN; nested exception
is org.springframework.ldap.core.TokenMgrError: Lexical error at line 1,
column 6.  Encountered: ":" (58), after : ""

With a key, url, and user DN pattern of 'sAMAccountName={0}' testing the
ldap connection results in the same error.  Changing the DN pattern to
'uid={0},ou=People' results in the same error.

Thanks for any advice you are able to give me!
Barry
--
View this message in context: http://www.nabble.com/Active-Directory-Configuration-tp24722549p24722549.html
Sent from the Artifactory-Users mailing list archive at Nabble.com.


------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now.  http://p.sf.net/sfu/bobj-july
_______________________________________________
Artifactory-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/artifactory-users


------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now.  http://p.sf.net/sfu/bobj-july
_______________________________________________
Artifactory-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/artifactory-users
Reply | Threaded
Open this post in threaded view
|

Re: Active Directory Configuration

bman-3

Thanks Yoav.

I now have a service account setup and entered its credentials for "Manager
DN" and "Manager Password" but am still having the same issue.  I used
JXplorer to verify that I can connect with these credentials.  Am I
configuring this through Artifactory wrong, or is there something with
Active Directory that needs configured?

My settings:
Ldap key: myLdap
Ldap URL: Ldaps://our.server.com/dc=corp,dc=company,dc=com
Search Filter: sAMAccountName={0}
Manager DN: CN=Artifactory,OU=Accounts,DC=corp,DC=company,DC=com
Manager Password: password
Test Username: me
Test Password: mypassword

Test connection fails...
2009-08-03 15:36:05,146 [ERROR] (o.a.s.l.LdapConnectionTester:186) - Error
connecting to the LDAP server: Failed to parse DN; nested exception is
org.springframework.ldap.core.TokenMgrError: Lexical error at line 1, column
6.  Encountered: ":" (58), after : "": Failed to parse DN; nested exception
is org.springframework.ldap.core.TokenMgrError: Lexical error at line 1,
column 6.  Encountered: ":" (58), after : ""

Thanks for any pointers!
Barry



Yoav  Landman wrote:

>
> You will need to use a search filter and specify a manager DN and password
> to bind with to the server, in order to perform the user search.
> This is very similar to the sample given at:
> http://wiki.jfrog.org/confluence/display/RTF/Authenticating+with+LDAP.
>
> HTH,
>
> Yoav
>
> On Wed, Jul 29, 2009 at 7:15 PM, bman <[hidden email]> wrote:
>
>>
>> Hi all,
>>
>> I'm pretty new to Artifactory and not very knowledgeable about Active
>> Directory and I am trying to get them to play nicely together.  Aside
>> from
>> the 2 required fields of 'Ldap key' and 'Ldap URL', I'm not sure how to
>> complete the configuration.  The admin that gave me a hand said that
>> anonymous binding is not allowed, does that affect which settings I use?
>>  It
>> seems that either a user DN Pattern or Search Filter is to be used, does
>> it
>> matter which?
>>
>> With a key, url, and search filter of 'sAMAccountName={0}' testing the
>> ldap
>> connection results in:
>> 2009-07-29 10:39:40,739 [ERROR] (o.a.s.l.LdapConnectionTester:186) -
>> Error
>> connecting to the LDAP server: Failed to parse DN; nested exception is
>> org.springframework.ldap.core.TokenMgrError: Lexical error at line 1,
>> column
>> 6.  Encountered: ":" (58), after : "": Failed to parse DN; nested
>> exception
>> is org.springframework.ldap.core.TokenMgrError: Lexical error at line 1,
>> column 6.  Encountered: ":" (58), after : ""
>>
>> With a key, url, and user DN pattern of 'sAMAccountName={0}' testing the
>> ldap connection results in the same error.  Changing the DN pattern to
>> 'uid={0},ou=People' results in the same error.
>>
>> Thanks for any advice you are able to give me!
>> Barry
>> --
>> View this message in context:
>> http://www.nabble.com/Active-Directory-Configuration-tp24722549p24722549.html
>> Sent from the Artifactory-Users mailing list archive at Nabble.com.
>>
>>
>>
>> ------------------------------------------------------------------------------
>> Let Crystal Reports handle the reporting - Free Crystal Reports 2008
>> 30-Day
>> trial. Simplify your report design, integration and deployment - and
>> focus
>> on
>> what you do best, core application coding. Discover what's new with
>> Crystal Reports now.  http://p.sf.net/sfu/bobj-july
>> _______________________________________________
>> Artifactory-users mailing list
>> [hidden email]
>> https://lists.sourceforge.net/lists/listinfo/artifactory-users
>>
>
> ------------------------------------------------------------------------------
> Let Crystal Reports handle the reporting - Free Crystal Reports 2008
> 30-Day
> trial. Simplify your report design, integration and deployment - and focus
> on
> what you do best, core application coding. Discover what's new with
> Crystal Reports now.  http://p.sf.net/sfu/bobj-july
> _______________________________________________
> Artifactory-users mailing list
> [hidden email]
> https://lists.sourceforge.net/lists/listinfo/artifactory-users
>
>

--
View this message in context: http://www.nabble.com/Active-Directory-Configuration-tp24722549p24797892.html
Sent from the Artifactory-Users mailing list archive at Nabble.com.


------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now.  http://p.sf.net/sfu/bobj-july
_______________________________________________
Artifactory-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/artifactory-users
Reply | Threaded
Open this post in threaded view
|

Re: Active Directory Configuration

Yossi Shaul
Looks like a bug in Spring ldap, it should work if you change the capital letter 'L' to lower case 'l'  (eg, use 'ldap://' instead of "Ldap").

I opened an issue in Artifactory: http://issues.jfrog.org/jira/browse/RTFACT-2036.

Thanks,
Yossi


From: bman <[hidden email]>
To: [hidden email]
Sent: Monday, August 3, 2009 11:45:32 PM
Subject: Re: [Artifactory-users] Active Directory Configuration


Thanks Yoav.

I now have a service account setup and entered its credentials for "Manager
DN" and "Manager Password" but am still having the same issue.  I used
JXplorer to verify that I can connect with these credentials.  Am I
configuring this through Artifactory wrong, or is there something with
Active Directory that needs configured?

My settings:
Ldap key: myLdap
Ldap URL: Ldaps://our.server.com/dc=corp,dc=company,dc=com
Search Filter: sAMAccountName={0}
Manager DN: CN=Artifactory,OU=Accounts,DC=corp,DC=company,DC=com
Manager Password: password
Test Username: me
Test Password: mypassword

Test connection fails...
2009-08-03 15:36:05,146 [ERROR] (o.a.s.l.LdapConnectionTester:186) - Error
connecting to the LDAP server: Failed to parse DN; nested exception is
org.springframework.ldap.core.TokenMgrError: Lexical error at line 1, column
6.  Encountered: ":" (58), after : "": Failed to parse DN; nested exception
is org.springframework.ldap.core.TokenMgrError: Lexical error at line 1,
column 6.  Encountered: ":" (58), after : ""

Thanks for any pointers!
Barry



Yoav  Landman wrote:
>
> You will need to use a search filter and specify a manager DN and password
> to bind with to the server, in order to perform the user search.
> This is very similar to the sample given at:
> http://wiki.jfrog.org/confluence/display/RTF/Authenticating+with+LDAP.

>
> HTH,
>
> Yoav
>
> On Wed, Jul 29, 2009 at 7:15 PM, bman <[hidden email]> wrote:
>
>>
>> Hi all,
>>
>> I'm pretty new to Artifactory and not very knowledgeable about Active
>> Directory and I am trying to get them to play nicely together.  Aside
>> from
>> the 2 required fields of 'Ldap key' and 'Ldap URL', I'm not sure how to
>> complete the configuration.  The admin that gave me a hand said that
>> anonymous binding is not allowed, does that affect which settings I use?
>>  It
>> seems that either a user DN Pattern or Search Filter is to be used, does
>> it
>> matter which?
>>
>> With a key, url, and search filter of 'sAMAccountName={0}' testing the
>> ldap
>> connection results in:
>> 2009-07-29 10:39:40,739 [ERROR] (o.a.s.l.LdapConnectionTester:186) -
>> Error
>> connecting to the LDAP server: Failed to parse DN; nested exception is
>> org.springframework.ldap.core.TokenMgrError: Lexical error at line 1,
>> column
>> 6.  Encountered: ":" (58), after : "": Failed to parse DN; nested
>> exception
>> is org.springframework.ldap.core.TokenMgrError: Lexical error at line 1,
>> column 6.  Encountered: ":" (58), after : ""
>>
>> With a key, url, and user DN pattern of 'sAMAccountName={0}' testing the
>> ldap connection results in the same error.  Changing the DN pattern to
>> 'uid={0},ou=People' results in the same error.
>>
>> Thanks for any advice you are able to give me!
>> Barry
>> --
>> View this message in context:
>> http://www.nabble.com/Active-Directory-Configuration-tp24722549p24722549.html

>> Sent from the Artifactory-Users mailing list archive at Nabble.com.
>>
>>
>>
>> ------------------------------------------------------------------------------
>> Let Crystal Reports handle the reporting - Free Crystal Reports 2008
>> 30-Day
>> trial. Simplify your report design, integration and deployment - and
>> focus
>> on
>> what you do best, core application coding. Discover what's new with
>> Crystal Reports now.  http://p.sf.net/sfu/bobj-july

>> _______________________________________________
>> Artifactory-users mailing list
>> [hidden email]
>> https://lists.sourceforge.net/lists/listinfo/artifactory-users
>>
>
> ------------------------------------------------------------------------------
> Let Crystal Reports handle the reporting - Free Crystal Reports 2008
> 30-Day
> trial. Simplify your report design, integration and deployment - and focus
> on
> what you do best, core application coding. Discover what's new with
> Crystal Reports now.  http://p.sf.net/sfu/bobj-july
> _______________________________________________
> Artifactory-users mailing list
> [hidden email]
> https://lists.sourceforge.net/lists/listinfo/artifactory-users
>
>

--
View this message in context: http://www.nabble.com/Active-Directory-Configuration-tp24722549p24797892.html
Sent from the Artifactory-Users mailing list archive at Nabble.com.


------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now.  http://p.sf.net/sfu/bobj-july
_______________________________________________
Artifactory-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/artifactory-users


------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now.  http://p.sf.net/sfu/bobj-july
_______________________________________________
Artifactory-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/artifactory-users
Reply | Threaded
Open this post in threaded view
|

Re: Active Directory Configuration

bman-3

Thanks!  Changing to a lowercase L made all the difference.  Now I am just
waiting to have a port opened up and I should be sailing along.

Thanks for all the help!
Barry


Yossi Shaul-2 wrote:

>
> Looks like a bug in Spring ldap, it should work if you change the capital
> letter 'L' to lower case 'l'  (eg, use 'ldap://' instead of "Ldap").
>
> I opened an issue in Artifactory:
> http://issues.jfrog.org/jira/browse/RTFACT-2036.
>
> Thanks,
> Yossi
>
>
>
>
> ________________________________
> From: bman <[hidden email]>
> To: [hidden email]
> Sent: Monday, August 3, 2009 11:45:32 PM
> Subject: Re: [Artifactory-users] Active Directory Configuration
>
>
> Thanks Yoav.
>
> I now have a service account setup and entered its credentials for
> "Manager
> DN" and "Manager Password" but am still having the same issue.  I used
> JXplorer to verify that I can connect with these credentials.  Am I
> configuring this through Artifactory wrong, or is there something with
> Active Directory that needs configured?
>
> My settings:
> Ldap key: myLdap
> Ldap URL: Ldaps://our.server.com/dc=corp,dc=company,dc=com
> Search Filter: sAMAccountName={0}
> Manager DN: CN=Artifactory,OU=Accounts,DC=corp,DC=company,DC=com
> Manager Password: password
> Test Username: me
> Test Password: mypassword
>
> Test connection fails...
> 2009-08-03 15:36:05,146 [ERROR] (o.a.s.l.LdapConnectionTester:186) - Error
> connecting to the LDAP server: Failed to parse DN; nested exception is
> org.springframework.ldap.core.TokenMgrError: Lexical error at line 1,
> column
> 6.  Encountered: ":" (58), after : "": Failed to parse DN; nested
> exception
> is org.springframework.ldap.core.TokenMgrError: Lexical error at line 1,
> column 6.  Encountered: ":" (58), after : ""
>
> Thanks for any pointers!
> Barry
>
>
>
> Yoav  Landman wrote:
>>
>> You will need to use a search filter and specify a manager DN and
>> password
>> to bind with to the server, in order to perform the user search.
>> This is very similar to the sample given at:
>> http://wiki.jfrog.org/confluence/display/RTF/Authenticating+with+LDAP.
>>
>> HTH,
>>
>> Yoav
>>
>> On Wed, Jul 29, 2009 at 7:15 PM, bman <[hidden email]> wrote:
>>
>>>
>>> Hi all,
>>>
>>> I'm pretty new to Artifactory and not very knowledgeable about Active
>>> Directory and I am trying to get them to play nicely together.  Aside
>>> from
>>> the 2 required fields of 'Ldap key' and 'Ldap URL', I'm not sure how to
>>> complete the configuration.  The admin that gave me a hand said that
>>> anonymous binding is not allowed, does that affect which settings I use?
>>>  It
>>> seems that either a user DN Pattern or Search Filter is to be used, does
>>> it
>>> matter which?
>>>
>>> With a key, url, and search filter of 'sAMAccountName={0}' testing the
>>> ldap
>>> connection results in:
>>> 2009-07-29 10:39:40,739 [ERROR] (o.a.s.l.LdapConnectionTester:186) -
>>> Error
>>> connecting to the LDAP server: Failed to parse DN; nested exception is
>>> org.springframework.ldap.core.TokenMgrError: Lexical error at line 1,
>>> column
>>> 6.  Encountered: ":" (58), after : "": Failed to parse DN; nested
>>> exception
>>> is org.springframework.ldap.core.TokenMgrError: Lexical error at line 1,
>>> column 6.  Encountered: ":" (58), after : ""
>>>
>>> With a key, url, and user DN pattern of 'sAMAccountName={0}' testing the
>>> ldap connection results in the same error.  Changing the DN pattern to
>>> 'uid={0},ou=People' results in the same error.
>>>
>>> Thanks for any advice you are able to give me!
>>> Barry
>>> --
>>> View this message in context:
>>> http://www.nabble.com/Active-Directory-Configuration-tp24722549p24722549.html
>>> Sent from the Artifactory-Users mailing list archive at Nabble.com.
>>>
>>>
>>>
>>> ------------------------------------------------------------------------------
>>> Let Crystal Reports handle the reporting - Free Crystal Reports 2008
>>> 30-Day
>>> trial. Simplify your report design, integration and deployment - and
>>> focus
>>> on
>>> what you do best, core application coding. Discover what's new with
>>> Crystal Reports now.  http://p.sf.net/sfu/bobj-july
>>> _______________________________________________
>>> Artifactory-users mailing list
>>> [hidden email]
>>> https://lists.sourceforge.net/lists/listinfo/artifactory-users
>>>
>>
>> ------------------------------------------------------------------------------
>> Let Crystal Reports handle the reporting - Free Crystal Reports 2008
>> 30-Day
>> trial. Simplify your report design, integration and deployment - and
>> focus
>> on
>> what you do best, core application coding. Discover what's new with
>> Crystal Reports now.  http://p.sf.net/sfu/bobj-july
>> _______________________________________________
>> Artifactory-users mailing list
>> [hidden email]
>> https://lists.sourceforge.net/lists/listinfo/artifactory-users
>>
>>
>
> --
> View this message in context:
> http://www.nabble.com/Active-Directory-Configuration-tp24722549p24797892.html
> Sent from the Artifactory-Users mailing list archive at Nabble.com.
>
>
> ------------------------------------------------------------------------------
> Let Crystal Reports handle the reporting - Free Crystal Reports 2008
> 30-Day
> trial. Simplify your report design, integration and deployment - and focus
> on
> what you do best, core application coding. Discover what's new with
> Crystal Reports now.  http://p.sf.net/sfu/bobj-july
> _______________________________________________
> Artifactory-users mailing list
> [hidden email]
> https://lists.sourceforge.net/lists/listinfo/artifactory-users
>
>
>
>      
> ------------------------------------------------------------------------------
> Let Crystal Reports handle the reporting - Free Crystal Reports 2008
> 30-Day
> trial. Simplify your report design, integration and deployment - and focus
> on
> what you do best, core application coding. Discover what's new with
> Crystal Reports now.  http://p.sf.net/sfu/bobj-july
> _______________________________________________
> Artifactory-users mailing list
> [hidden email]
> https://lists.sourceforge.net/lists/listinfo/artifactory-users
>
>

--
View this message in context: http://www.nabble.com/Active-Directory-Configuration-tp24722549p24854090.html
Sent from the Artifactory-Users mailing list archive at Nabble.com.


------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now.  http://p.sf.net/sfu/bobj-july
_______________________________________________
Artifactory-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/artifactory-users