AD Help

I've been at this for a few days now. I have read all the other threads and even copied and pasted some of the wildfire.xml files that have worked, but still no go. Below is a copy of my .xml file.

<?xml version="1.0" encoding="UTF-8"?>

The configuration seems to be right, since I don't get any error messages, but I'm not able to log in. I even tried using the default “admin” and still no go. HELP!!!

Change your basedn to this

It's the spaces that are messing things up.

I changed the following from , still no go…HELP

Your AdminDN is not correct. You need to use something more like:

cn=Administrator,cn=Users,dc=mercy,dc=local

Also, I'm pretty sure that Domain Users is NOT an OU, it is a built-in group (someone correct me if I'm wrong… I don't have my AD in front of me). So stick with dc=mercy,dc=local for the basedn.

His AdminDN should be fine.

It's the spaces in the baseDN that are most likely causing the problem. Using quotes does not help.

Change it like I said in my previous post and let me know.

Message was edited by: KevCar


Nope… changed the baseDN to 172.17.0.54:389

0000: 30 22 02 01 03 42 00 A0 1B 30 19 04 17 32 2E 31 0"…B…0…2.1

0010: 36 2E 38 34 30 2E 31 2E 31 31 33 37 33 30 2E 33 6.840.1.113730.3

0020: 2E 34 2E 32 .4.2

Try setting the baseDN to dc=mercy,dc=local and work from there. For our implementation, we created a new OU that contains no spaces in the name and moved our chat-enabled user accounts there. Using this method, we don't need to use any group filters. Here is an example of our config:

<?xml version="1.0" encoding="UTF-8"?>



Below is the config that's in the .xml file. I have looked over this file and compared it and it looks correct, but I'm still not able to log into the Admin Console… I'm not ready to give up on this and I really appreciate all the help… What is it that I'm doing wrong? According to the site, 10 mins and you're up and running…lol

<?xml version="1.0" encoding="UTF-8"?>

Change the baseDN to:


and enable debug here:


Once you do this, restart Wildfire, attempt to log in and then review the debug log. Post the contents of the log here and we'll have a better idea of where the failure is. The debug log will be located in the log subdirectory under the install location of Wildfire. The name of the file is debug.log

Is the 172.xxx.xxx.xxx a domain controller for your domain? The Domain Users issue has been a problem; you need an entry with no spaces there.

Jeff

This is the output from the debug.log file:

2006.03.29 12:54:27 Loading plugin admin

2006.03.29 12:54:38 Loading plugin search

2006.03.30 15:21:46 Created new LdapManager() instance, fields:

2006.03.30 15:21:46 host:

2006.03.30 15:21:46 port: 389

2006.03.30 15:21:46 usernamefield: sAMAccountName

2006.03.30 15:21:46 baseDN: OU=users,DC=mercy,DC=local

2006.03.30 15:21:46 alternateBaseDN: null

2006.03.30 15:21:46 nameField: displayName

2006.03.30 15:21:46 emailField: mail

2006.03.30 15:21:46 adminDN: mercy\wildfire

2006.03.30 15:21:46 adminPassword: wildfire

2006.03.30 15:21:46 searchFilter: (sAMAccountName=)
2006.03.30 15:21:46 ldapDebugEnabled: false
2006.03.30 15:21:46 sslEnabled: false
2006.03.30 15:21:46 initialContextFactory: com.sun.jndi.ldap.LdapCtxFactory
2006.03.30 15:21:46 connectionPoolEnabled: true
2006.03.30 15:21:46 autoFollowReferrals: false
2006.03.30 15:21:46 groupNameField: cn
2006.03.30 15:21:46 groupMemberField: member
2006.03.30 15:21:46 groupDescriptionField: description
2006.03.30 15:21:46 posixMode: false
2006.03.30 15:21:46 groupSearchFilter: (member=)

2006.03.30 15:21:51 Loading plugin admin

2006.03.30 15:22:03 Loading plugin search

I don't see any errors in this log. Did you try to log in to the console? If so, what happened? Also, you did not change the base DN as I suggested.

On the Wildfire console I don't get any error message… This is from the debug.log file:

2006.03.30 15:59:46 Created new LdapManager() instance, fields:

2006.03.30 15:59:46 host:

2006.03.30 15:59:46 port: 389

2006.03.30 15:59:46 usernamefield: sAMAccountName

2006.03.30 15:59:46 baseDN: DC=mercy,DC=local

2006.03.30 15:59:46 alternateBaseDN: null

2006.03.30 15:59:46 nameField: displayName

2006.03.30 15:59:46 emailField: mail

2006.03.30 15:59:46 adminDN: mercy\wildfire

2006.03.30 15:59:46 adminPassword: wildfire

2006.03.30 15:59:46 searchFilter: (sAMAccountName=)
2006.03.30 15:59:46 ldapDebugEnabled: false
2006.03.30 15:59:46 sslEnabled: false
2006.03.30 15:59:46 initialContextFactory: com.sun.jndi.ldap.LdapCtxFactory
2006.03.30 15:59:46 connectionPoolEnabled: true
2006.03.30 15:59:46 autoFollowReferrals: false
2006.03.30 15:59:46 groupNameField: cn
2006.03.30 15:59:46 groupMemberField: member
2006.03.30 15:59:46 groupDescriptionField: description
2006.03.30 15:59:46 posixMode: false
2006.03.30 15:59:46 groupSearchFilter: (member=)

2006.03.30 15:59:51 Loading plugin admin

2006.03.30 16:00:02 Loading plugin search
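An added example, not part of the thread or of Wildfire's own code: the LdapManager field dump posted above includes the adminPassword value and shows sslEnabled: false, so this script redacts the secret before a debug.log excerpt is shared and reports both conditions. The sample log is constructed, the names `audit_ldap_dump` and `SECRET_FIELDS` are chosen here, and the second finding assumes the server does a simple bind.

```python
import re

# Constructed sample, modelled on the LdapManager field dump in debug.log.
SAMPLE_LOG = """\
2006.03.30 15:59:46 Created new LdapManager() instance, fields:
2006.03.30 15:59:46 port: 389
2006.03.30 15:59:46 baseDN: DC=example,DC=local
2006.03.30 15:59:46 adminDN: example\\svc-chat
2006.03.30 15:59:46 adminPassword: not-a-real-password
2006.03.30 15:59:46 sslEnabled: false
2006.03.30 15:59:51 Loading plugin admin
"""

# "<date> <time> <field>: <value>" lines; other log lines do not match.
FIELD = re.compile(r"^(\d{4}\.\d\d\.\d\d \d\d:\d\d:\d\d)\s+(\w+):\s*(.*)$")
SECRET_FIELDS = {"adminPassword"}  # values that must not leave the host


def audit_ldap_dump(log_text):
    """Return (redacted_text, findings) for one debug.log excerpt."""
    fields, out = {}, []
    for line in log_text.splitlines():
        m = FIELD.match(line)
        if m:
            stamp, key, value = m.groups()
            fields[key] = value
            if key in SECRET_FIELDS and value:
                line = f"{stamp} {key}: [REDACTED]"
        out.append(line)

    findings = []
    if fields.get("adminPassword"):
        findings.append(
            "adminPassword is written to debug.log in cleartext; "
            "rotate it if the log was shared")
    if fields.get("sslEnabled") == "false":
        # Assumption: simple bind, so the password crosses the wire as-is.
        findings.append(
            "sslEnabled is false: bind credentials cross the network without TLS")
    return "\n".join(out), findings


if __name__ == "__main__":
    redacted, findings = audit_ldap_dump(SAMPLE_LOG)
    print(redacted)
    for f in findings:
        print("FINDING:", f)
```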

So when you try to log in, you don't see any messages like:

Login failed: make sure your username and password are correct and that you're an admin or moderator.

I don't see any messages. I checked my SQL database and looked at the “jiveUser” table and wildfire is the administrator. Is there another location that I can verify if the user wildfire is an admin or moderator?

Wildfire would need to be a user in AD based on your config. You might also add your AD user id to the list of admin users in the config file and try logging onto the console with your ID.

This is puzzling since there is nothing abnormal in the debug log… We must be missing something.

What are you using for the database? If you are using MSSQL you can confirm Wildfire is connecting to the DB via Enterprise Manager. Are you seeing connections from Wildfire there? It probably is connecting fine though since we don't see any errors to that effect in the debug logs.

Also, review the contents of the error.log and post anything of interest here.

It's working now. After taking a shot of some rum, I looked at the wildfire.xml configs and added the wildfire user to the authorized user setting and was able to get in… Thanks a lot for your help.

One more question… I'm using the Spark IM client… I should be able to just log in with any AD user using my regular password? Also, the server setting should be the server of my chat server?

Below is the working wildfire.xml config file

Assuming you are not using SRV records in your DNS server to specify the host which services XMPP requests, your users would login with credentials that look like this:

JID: ADUserID@ServerName.Domain.local or com or whatever

Password: ADUserPassword

When using Spark, you would separate the JID into the user and server fields at the “@”

Does that make sense?