[Freeipa-users] ldaps Java script issues with RH IdM - odd that I cannot make it connect...

Michael Sean Conley Michael.Sean.Conley at raytheon.com
Fri Aug 12 20:46:19 UTC 2016


UID binding - I believe - from what I saw in the script.


I ran the nifty search...  First on user "binding"...

Got an error 32.

Tried it with ddfusr

# ldapsearch -Z -H ldap://aba-idam.aba.home.com \
    -D 'uid=ddfusr,cn=users,cn=accounts,dc=aba,dc=home,dc=com' -W \
    -b 'cn=users,cn=accounts,dc=aba,dc=home,dc=com' '(uid=ddfusr)' cn
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base <cn=users,cn=accounts,dc=aba,dc=home,dc=com> with scope subtree
# filter: (uid=ddfusr)
# requesting: cn
#

# ddfusr, users, accounts, aba.home.com
dn: uid=ddfusr,cn=users,cn=accounts,dc=aba,dc=home,dc=com
cn: ddf user

# search result
search: 3
result: 0 Success

# numResponses: 2
# numEntries: 1


Fabulous.

So, I then checked the Java XML file...

  <jaas:config name="karaf" rank="1">
    <jaas:module className="org.apache.karaf.jaas.modules.ldap.LDAPLoginModule"
                 flags="required">
      initialContextFactory=com.sun.jndi.ldap.LdapCtxFactory
      connection.username=cn=ddfusr
      connection.password=iloveaba!
      connection.url=ldaps://aba-idam.aba.house.com:636
      user.base.dn=cn=users,cn=accounts,dc=aba,dc=house,dc=com
      user.filter=(uid=%u)
      user.search.subtree=true
      role.base.dn=cn=JBoss,cn=users,cn=accounts,dc=aba,dc=house,dc=com
      role.name.attribute=cn
      role.filter=(member=uid=%u,cn=users,cn=accounts,dc=aba,dc=house,dc=com)
      role.search.subtree=true
      role.mapping=admin=group,admin,manager,viewer,webconsole
      authentication=simple
      ssl.protocol=SSL
      ssl.truststore=truststore
      ssl.algorithm=PKIX
    </jaas:module>
  </jaas:config>

and I tried to log in with the ddfusr account and....

Error 32.

Rassin Frassin!  It's too Friday for this.

Michael Sean Conley
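
Added example, not part of the original post: LDAP result code 32 is noSuchObject, so this Python check compares the DN and URL settings in the posted JAAS block with the bind DN and base the ldapsearch above succeeded with. The function names are hypothetical, and the DN split assumes no escaped commas.

```python
from urllib.parse import urlparse

# Values the ldapsearch in the post succeeded with.
WORKING_BIND_DN = "uid=ddfusr,cn=users,cn=accounts,dc=aba,dc=home,dc=com"
WORKING_BASE = "cn=users,cn=accounts,dc=aba,dc=home,dc=com"

# DN/URL settings copied from the posted JAAS block (password omitted).
JAAS_PROPS = """\
connection.username=cn=ddfusr
connection.url=ldaps://aba-idam.aba.house.com:636
user.base.dn=cn=users,cn=accounts,dc=aba,dc=house,dc=com
role.base.dn=cn=JBoss,cn=users,cn=accounts,dc=aba,dc=house,dc=com
"""

def parse_props(text):
    """Parse key=value lines; split on the first '=' only, DNs contain '='."""
    props = {}
    for line in text.splitlines():
        key, sep, value = line.strip().partition("=")
        if sep:
            props[key.strip()] = value.strip()
    return props

def rdns(dn):
    """Lower-cased RDN list. Naive split: assumes no escaped commas."""
    return [p.strip().lower() for p in dn.split(",") if p.strip()]

def domain_of(dn):
    """Turn the dc= components of a DN into a DNS-style domain."""
    return ".".join(r[3:] for r in rdns(dn) if r.startswith("dc="))

def check(props, bind_dn=WORKING_BIND_DN, base=WORKING_BASE):
    """Return the config keys that disagree with the known-good values."""
    findings = []
    if rdns(props.get("connection.username", "")) != rdns(bind_dn):
        findings.append("connection.username")
    want = domain_of(base)
    for key in ("user.base.dn", "role.base.dn"):
        if domain_of(props.get(key, "")) != want:
            findings.append(key)
    host = urlparse(props.get("connection.url", "")).hostname or ""
    if not host.endswith("." + want):
        findings.append("connection.url")
    return findings

if __name__ == "__main__":
    for key in check(parse_props(JAAS_PROPS)):
        print("differs from the working ldapsearch:", key)
```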