AD Integration with Jive Messenger

T_Anil_Kumar · September 20, 2005, 6:27am

Hi brainees,

AD Integration problem has been bugging me for quiet some time. I tried with all the options posted in the replies of this forum. But that didn’'t work out for.

I am trying to integrate AD with jive messenger by giving the following options. Kindly guide me through to overcome this problem…

The above are the configuration details i have given in jive-messenger.xml. I have also tried with default values by only including the host name, baseDN. And several others.

After configuring this file and when i tried to login to the admin console, it is giving an error saying login failed, check whether user has admin or moderator privileges. But ihave given the admin privileges to the user in the AD.

And in the log files it is giving an error like "UNABLE TO FIND THE USER DN AGAINST THE NAME “VASANTH” and proceeds giving the UserAuthenticationError.

Is there anything i am missing in the configuration file that i have to include.

Plzzzzzzzzzzzzzzzzzz help me in figuring out a correct solution for this.

regards,

Vasanth

Noah_Campbell · September 20, 2005, 1:11pm

Your host[/i] Anil@suvarthan.com[/b] should be your domain controller, where AD lives.

Try dropping the @pred.com[/b] from asanth@pred.com.[/b] in the AdminDN[/i]. Or try CN=asanth, CN=Users,DC=suvarthan,DC=com[/b].

Hope you find this helpful.

Noah

T_Anil_Kumar · September 23, 2005, 2:31pm

Hi,

I apppreciate your help.I ve tried with that,but it didnt serve the purpose.

It still gives the same error.Kindly suggest further.

If you have any documents/links related ,pls forward .

Thanks in advance.

Vasanth

frazzled · September 23, 2005, 2:55pm

as you have not submitted an updated config after Noah’‘s suggestions, I will have to use your original config as the starting point. i’'ve only included the deltas

[/i] <-------i don’'t have this line.

additional note: the usernames are case-sensitive. if, in AD, your username is Vasanth, that’'s how you have to use in your config and to login to the website.[/b]

i know that these deltas are atleast part of your problem, but if it still doesn’'t work, please post your updated config.

hope this helps,

frazzled

T_Anil_Kumar · September 23, 2005, 4:19pm

Hi,

I am including the whole of the config file, also followed ur instructions.checked the case of username&password too.also replaced OU.excluded initialcontext factory…

<!~~machine_name~~>

it just gives authentication exception…

I m also including the exceptions being thrown…

2005.09.23 21:34:49 Created new LdapManager() instance, fields:

2005.09.23 21:34:49 host: igbtest

2005.09.23 21:34:49 port: 389

2005.09.23 21:34:49 usernamefield: displayName

2005.09.23 21:34:49 baseDN: OU=Users,DC=suvarthan,DC=com

2005.09.23 21:34:49 alternateBaseDN: null

2005.09.23 21:34:49 nameField: cn

2005.09.23 21:34:49 emailField: mail

2005.09.23 21:34:49 adminDN: CN=vasanth,OU=Users,DC=suvarthan,DC=com

2005.09.23 21:34:49 adminPassword: kushvant

2005.09.23 21:34:49 searchFilter: (displayName=)

2005.09.23 21:34:49 ldapDebugEnabled: false

2005.09.23 21:34:49 sslEnabled: false

2005.09.23 21:34:49 initialContextFactory: com.sun.jndi.ldap.LdapCtxFactory

2005.09.23 21:34:49 connectionPoolEnabled: true

2005.09.23 21:34:49 autoFollowReferrals: false

2005.09.23 21:34:58 Loading plugin admin

2005.09.23 21:35:41 Trying to find a user’'s DN based on their username. displayName: vasanth, Base DN: OU=Users,DC=suvarthan,DC=com…

2005.09.23 21:35:41 Creating a DirContext in LdapManager.getContext()…

2005.09.23 21:35:41 Created hashtable with context values, attempting to create context…

2005.09.23 21:35:41 Exception thrown when searching for userDN based on username ‘‘vasanth’’

javax.naming.AuthenticationException: LDAP: error code 49 - 80090308: LdapErr: DSID-0C09030B, comment: AcceptSecurityContext error, data 525, v893

at com.sun.jndi.ldap.LdapCtx.mapErrorCode(Unknown Source)

at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)

at com.sun.jndi.ldap.LdapCtx.connect(Unknown Source)

at com.sun.jndi.ldap.LdapCtx.(Unknown Source)

at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(Unknown Source)

…

Thanks,

Vasanth

Noah_Campbell · September 23, 2005, 4:32pm

2 Things.

AD is NOT[/b] case sensitive on the username. AD is case sensitive on the password. I pulled my teeth out trying to work around this issue when a large application server provider overlooked this detail. Maybe it’'s changed since I met that problem head on 2 years ago.
Your .

Hope this helps,

Noah

frazzled · September 28, 2005, 3:38pm

Vasanth:

no, your should remain sAMAccountName[/b]. your should be displayName[/b], not ‘‘cn’’. i believe this is what is throwing your exceptions. should DEFINITELY be dc.suvarthan.com[/b]. everything else appears to be correct.

Noah:

First, Jive Messenger is great, save for an easy way to view conversation logs w/in the gui (unless i’'m missing something).

we use AD 2000 and my config settings are set as shown below. if i try to use jdoe as the username it does not work. i have to use JDoe b/c that is the way it is setup in AD. i experienced this same issue when i was trying to implement KnowledgeTree LDAP.

cheers,

frazzled