- Topics: Active | Unanswered
Pages: 1
Topic closed
#1 2012-02-07 09:56:30
- **_blakerich_**
AC 8 sp2 installed, LDAP now non-functional
Good Morning,
I updated from AC8 sp1 to AC8 sp2 over the weekend and found yesterday that my users who connect via LDAP can no longer connect. I've verified LDAP connection settings -- it verifies just fine. On the LDAP server side, I can see a successful login logged, but the login page returns with a invalid username or password error.
In the Access log, it shows the following:
2012-02-07 00:29:45 "No data could be found." PRINCIPAL NO_DATA W A PUBLIC {cookie=breezv9fhur5q72anpyuo, account-id=7, ip=127.0.0.1} "POST https://connect.xxx.xxx/system/login/ok … ct.xxx.xxx [{next=[/admin?domain=connect.xxx.xxx], domain=[connect.xxx.xxx], feature=1294=[Login], feature=[1294], login=[myloginname], set-lang=[en], password=xxxxxxxxxx}]" 3 33/41 0
I have LDAP set to fail to local. When a local password is set and type, it will work fine.
Has anyone seen this type of thing before?
Thanks!
Offline
#2 2012-02-07 20:53:29
- **_blakerich_**
Re: AC 8 sp2 installed, LDAP now non-functional
Good Evening,
What we ended up finding is that the move from sp1 to sp2 seemed to change the interaction with our LDAP server. From AC 6 to AC 8 sp1, the field specifications didn't seem to be case sensitive and I didn't have to specify a filter for the search -- I let the whole tree be searched. Making sure all the fields matched the case in LDAP and specifying a more specific filter fixed the problem. I had also imported the LDAP servers certificates in the <install_root>/jre/lib/security/cacerts file previously, which may or may not have been necessary -- if I get a chance, I'll remove them and test.
Setting the filter to return one account and checking the synchronization preview helped with troubleshooting it.
Thanks!
Offline
Pages: 1
Topic closed