AD/JM 2.3.0 Integration - Help!

I know there have been many postings about getting JM 2.3.0 to work with AD. I have seen many different answers and configurations to get JM to authenticate to AD LDAP. I have tried many different configurations myself. Can someone please take a look at my setup and debug.log and tell me why I cannot authenticate? I appreciate any help.

My network is a simple single domain. Users are placed into OUs based on differing security policies. The jabber account I created is the DN OU=Systems,DC=bbphoenix,DC=com.


jive-messengerd.xml -



debug log -


2005.11.30 21:28:04 Created new LdapManager() instance, fields:
2005.11.30 21:28:04 host: phoenix1.bbphoenix.com
2005.11.30 21:28:04 port: 389
2005.11.30 21:28:04 usernamefield: sAMAccountName
2005.11.30 21:28:04 baseDN: CN=BBPHOENIX,DC=COM
2005.11.30 21:28:04 alternateBaseDN: null
2005.11.30 21:28:04 nameField: displayName
2005.11.30 21:28:04 emailField: mail
2005.11.30 21:28:04 adminDN: cn=jabber,ou=Systems,dc=bbphoenix,dc=com
2005.11.30 21:28:04 adminPassword: password
2005.11.30 21:28:04 searchFilter: (sAMAccountName=)
2005.11.30 21:28:04 ldapDebugEnabled: true
2005.11.30 21:28:04 sslEnabled: false
2005.11.30 21:28:04 initialContextFactory: com.sun.jndi.ldap.LdapCtxFactory
2005.11.30 21:28:04 connectionPoolEnabled: true
2005.11.30 21:28:04 autoFollowReferrals: false
2005.11.30 21:28:04 groupNameField: cn
2005.11.30 21:28:04 groupMemberField: member
2005.11.30 21:28:04 groupDescriptionField: description
2005.11.30 21:28:04 posixMode: false
2005.11.30 21:28:04 groupSearchFilter: (member=)
2005.11.30 21:28:11 Loading plugin admin
2005.11.30 21:28:25 Loading plugin search
2005.11.30 21:28:31 Connect Socket[addr=/172.1.1.162,port=1584,localport=5222]
2005.11.30 21:28:32 Trying to find a user's DN based on their username. sAMAccountName: test, Base DN: CN=BBPHOENIX,DC=COM…
2005.11.30 21:28:32 Creating a DirContext in LdapManager.getContext()…
2005.11.30 21:28:32 Created hashtable with context values, attempting to create context…
2005.11.30 21:28:33 … context created successfully, returning.
2005.11.30 21:28:33 Starting LDAP search…
2005.11.30 21:28:33 … search finished
2005.11.30 21:28:33 User DN based on username 'test' not found.
2005.11.30 21:28:33 Exception thrown when searching for userDN based on username 'sanderson'
org.jivesoftware.messenger.user.UserNotFoundException: Username test not found
    at org.jivesoftware.messenger.ldap.LdapManager.findUserDN(LdapManager.java:465)
    at org.jivesoftware.messenger.ldap.LdapManager.findUserDN(LdapManager.java:400)
    at org.jivesoftware.messenger.ldap.LdapAuthProvider.authenticate(LdapAuthProvider.java:88)
    at org.jivesoftware.messenger.auth.AuthFactory.authenticate(AuthFactory.java:114)
    at org.jivesoftware.messenger.net.SASLAuthentication.doPlainAuthentication(SASLAuthentication.java:251)
    at org.jivesoftware.messenger.net.SASLAuthentication.doHandshake(SASLAuthentication.java:139)
    at org.jivesoftware.messenger.net.SocketReader.authenticateClient(SocketReader.java:294)
    at org.jivesoftware.messenger.net.SocketReader.readStream(SocketReader.java:264)
    at org.jivesoftware.messenger.net.SocketReader.run(SocketReader.java:115)
    at java.lang.Thread.run(Unknown Source)

I am using Exodus client with account login of test@bbphoenix.com. Thank you anyone.

Try to change the baseDN setting as:

I did not want to start another thread as my problem is quite similar. I have JM 2.3.1 running on Windows 2000 Server and am trying to authenticate with AD. I have been fighting with this for about two full days now and have reinstalled the operating system once, tried all JM versions from 2.2.0 to 2.3.1 and kept reading this forum again and again. I have been testing with Pandion 2.1.2 beta and Spark 1.0.1 clients.

Here is my current setup:

And when trying to authenticate, the debug log looks like this:

2005.12.02 17:12:04 Connect Socket[addr=/xxx.xxx.110.167,port=4755,localport=5222]
2005.12.02 17:12:07 Trying to find a user's DN based on their username. sAMAccountName: xxxxxxx, Base DN: OU=XXXXX Users and Groups;OU=YYYYY Users and Groups;DC=nordic;DC=x…
2005.12.02 17:12:07 Creating a DirContext in LdapManager.getContext()…
2005.12.02 17:12:07 Created hashtable with context values, attempting to create context…
2005.12.02 17:12:07 Exception thrown when searching for userDN based on username 'xxxxxxx'
javax.naming.AuthenticationException: LDAP: error code 49 - 80090308: LdapErr: DSID-0C09030F, comment: AcceptSecurityContext error, data 525, vece

And the error log:

2005.12.02 17:12:07 org.jivesoftware.messenger.net.SocketReader.run(SocketReader.java:155) Connection closed before session established Socket[addr=/xxx.xxx.110.167,port=4755,localport=5222]

The most interesting part is that I got it working already somehow. I was able to connect with the admin account using the IM client and admin console, but none of the other usernames worked. Then the admin account stopped working and now I am not able to authenticate with any account.

Any suggestions?
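
Added example (not part of the original thread and not Jive Messenger code): a small Python triage of the two failure modes shown in the debug logs above, a search that returns no entry and a bind rejected with LDAP error 49, whose Active Directory "data" sub-code (525 means user not found) names the cause. It also flags the adminPassword and sslEnabled: false lines that the startup dump writes. The function name triage, the finding labels and the sample lines (constructed from the logs in this thread, password redacted) are assumptions of the example.

```python
import re

# Active Directory sub-codes reported in the "data NNN" field of an error 49 bind failure.
AD_BIND_SUBCODES = {
    "525": "user not found", "52e": "invalid credentials",
    "530": "logon not permitted at this time",
    "531": "logon not permitted from this workstation",
    "532": "password expired", "533": "account disabled",
    "701": "account expired", "773": "user must reset password",
    "775": "account locked out",
}
ERR49 = re.compile(r"LDAP: error code 49\b.*?\bdata ([0-9a-fA-F]+)")
NOT_FOUND = re.compile(r"UserNotFoundException: Username (\S+) not found")
FIELD = re.compile(r"\b(adminPassword|sslEnabled|baseDN): (.*)$")

def triage(log_text):
    """Return (kind, detail) findings for an LdapManager debug log."""
    findings, fields = [], {}
    for line in log_text.splitlines():
        m = FIELD.search(line)
        if m:  # remember the settings dumped at startup
            fields[m.group(1)] = m.group(2).strip()
        m = ERR49.search(line)
        if m:  # the directory rejected the bind itself
            code = m.group(1).lower()
            reason = AD_BIND_SUBCODES.get(code, "unknown sub-code")
            findings.append(("bind-failed", f"data {code}: {reason}"))
        m = NOT_FOUND.search(line)
        if m:  # the search ran but matched nothing under the base DN
            base = fields.get("baseDN", "?")
            findings.append(("search-empty",
                             f"no entry for {m.group(1)!r} under base DN {base}"))
    if "adminPassword" in fields:
        findings.append(("secret-in-log", "adminPassword is written to the debug log"))
    if fields.get("sslEnabled") == "false":
        findings.append(("no-ssl", "LDAP traffic, bind credentials included, is not protected by SSL"))
    return findings

# Constructed sample: lines taken from the two logs in this thread, password redacted.
SAMPLE = """\
2005.11.30 21:28:04 baseDN: CN=BBPHOENIX,DC=COM
2005.11.30 21:28:04 adminPassword: <redacted>
2005.11.30 21:28:04 sslEnabled: false
org.jivesoftware.messenger.user.UserNotFoundException: Username test not found
javax.naming.AuthenticationException: LDAP: error code 49 - 80090308: LdapErr: DSID-0C09030F, comment: AcceptSecurityContext error, data 525, vece
"""

if __name__ == "__main__":
    for kind, detail in triage(SAMPLE):
        print(f"{kind}: {detail}")
```
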

I installed 2.3.1 and it started working. I had to make sure to add administrator to the xml but I can see everything in the AD. Now to start filtering.