Help with LDAP User searchFilter

Openfire 3.6.4

SBS 2003 Server

In an attempt to prevent the server from seeing disabled accounts, I’ve modified my searchFilter.

I’m using “(&(objectClass=organizationalPerson)(!userAccountControl=514))”. When I test this query using LDP or other LDAP query tool, I get the expected results. Openfire throws this [1] exception.

If I just use “(objectClass=organizationalPerson)” it works, but just “(!userAccountControl=514)” does not. This leads me to think that the exception isn’t telling the full story.

In an effort to see if perhaps it was a security issue (something others have mentioned causes weird behavior - see “memberOf” in the discussions), I’ve tried using the Administrator account, and that’s how I’ve currently got it set up. Still getting the same error.

Any help would be greatly appreciated.

  • rb

[1]

javax.naming.directory.InvalidSearchFilterException: Unbalanced parenthesis; remaining name ''
    at com.sun.jndi.ldap.Filter.findRightParen(Unknown Source)
    at com.sun.jndi.ldap.Filter.encodeFilterList(Unknown Source)
    at com.sun.jndi.ldap.Filter.encodeComplexFilter(Unknown Source)
    at com.sun.jndi.ldap.Filter.encodeFilter(Unknown Source)
    at com.sun.jndi.ldap.Filter.encodeFilterList(Unknown Source)
    at com.sun.jndi.ldap.Filter.encodeComplexFilter(Unknown Source)
    at com.sun.jndi.ldap.Filter.encodeFilter(Unknown Source)
    at com.sun.jndi.ldap.Filter.encodeFilterList(Unknown Source)
    at com.sun.jndi.ldap.Filter.encodeComplexFilter(Unknown Source)
    at com.sun.jndi.ldap.Filter.encodeFilter(Unknown Source)
    at com.sun.jndi.ldap.Filter.encodeFilterString(Unknown Source)
    at com.sun.jndi.ldap.LdapClient.search(Unknown Source)
    at com.sun.jndi.ldap.LdapCtx.doSearch(Unknown Source)
    at com.sun.jndi.ldap.LdapCtx.searchAux(Unknown Source)
    at com.sun.jndi.ldap.LdapCtx.c_search(Unknown Source)
    at com.sun.jndi.ldap.LdapCtx.c_search(Unknown Source)
    at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(Unknown Source)
    at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(Unknown Source)
    at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(Unknown Source)
    at javax.naming.directory.InitialDirContext.search(Unknown Source)
    at org.jivesoftware.openfire.ldap.LdapManager.findUserDN(LdapManager.java:700)
    at org.jivesoftware.openfire.ldap.LdapManager.findUserDN(LdapManager.java:637)
    at org.jivesoftware.openfire.admin.setup.setup_002dadmin_002dsettings_jsp._jspService(setup_002dadmin_002dsettings_jsp.java:176)
    at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:97)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
    at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:487)
    at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1093)
    at com.opensymphony.module.sitemesh.filter.PageFilter.parsePage(PageFilter.java:118)
    at com.opensymphony.module.sitemesh.filter.PageFilter.doFilter(PageFilter.java:52)
    at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1084)
    at org.jivesoftware.util.LocaleFilter.doFilter(LocaleFilter.java:66)
    at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1084)
    at org.jivesoftware.util.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:42)
    at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1084)
    at org.jivesoftware.admin.PluginFilter.doFilter(PluginFilter.java:70)
    at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1084)
    at org.jivesoftware.admin.AuthCheckFilter.doFilter(AuthCheckFilter.java:146)
    at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1084)
    at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:360)
    at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
    at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181)
    at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:726)
    at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:405)
    at org.mortbay.jetty.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:206)
    at org.mortbay.jetty.handler.HandlerCollection.handle(HandlerCollection.java:114)
    at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
    at org.mortbay.jetty.Server.handle(Server.java:324)
    at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:505)
    at org.mortbay.jetty.HttpConnection$RequestHandler.content(HttpConnection.java:843)
    at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:648)
    at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:211)
    at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:380)
    at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:395)
    at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:488)
Created new LdapManager() instance, fields:
  host: [host.domain.local]
  port: 389
  usernamefield: sAMAccountName
  usernameSuffix: 
  baseDN: OU="SBSUsers",OU="Users",OU="MyBusiness",DC="domain",DC="local"
  alternateBaseDN: null
  nameField: cn
  emailField: mail
  adminDN: Administrator@domain.local
  adminPassword: password
  searchFilter: (&(objectClass=organizationalPerson)(!userAccountControl=514))
  subTreeSearch:true
  ldapDebugEnabled: true
  sslEnabled: false
  initialContextFactory: com.sun.jndi.ldap.LdapCtxFactory
  connectionPoolEnabled: false
  autoFollowReferrals: false
  autoFollowAliasReferrals: true
  groupNameField: cn
  groupMemberField: member
  groupDescriptionField: description
  posixMode: false
  groupSearchFilter: null

I figure after several months patiently waiting for a reply, it’s acceptable to bump my own topic.

bump

  • rb
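
Added example, not part of the original thread and not Openfire or JNDI code: a small structural checker for the RFC 4515 filter grammar, in which the operand of `!` must itself be a parenthesized filter, run over the filters quoted in the first post. The names `check_filter`, `FROM_POST`, `FIXED_EXACT` and `FIXED_BIT` are hypothetical, and the two corrected filters are constructed here rather than taken from the thread.

```python
import re

# One filter item: attr, optional matching-rule parts, operator, value without raw parens.
ITEM = re.compile(r"^[A-Za-z][A-Za-z0-9;.-]*(:[A-Za-z0-9.]+)*(:=|~=|>=|<=|=)[^()]*$")


class FilterSyntaxError(ValueError):
    pass


def _parse_filter(s, i):
    """Parse one "(" filtercomp ")" starting at s[i]; return the index just past it."""
    if i >= len(s) or s[i] != "(":
        raise FilterSyntaxError(f"expected '(' at offset {i}")
    i += 1
    if i < len(s) and s[i] in "&|":          # and / or: one or more nested filters
        i += 1
        if i >= len(s) or s[i] != "(":
            raise FilterSyntaxError(f"expected '(' at offset {i}")
        while i < len(s) and s[i] == "(":
            i = _parse_filter(s, i)
    elif i < len(s) and s[i] == "!":         # not: exactly one nested "(...)" filter
        i = _parse_filter(s, i + 1)
    else:                                    # simple item such as attr=value
        end = s.find(")", i)
        if end < 0 or not ITEM.match(s[i:end]):
            raise FilterSyntaxError(f"malformed item at offset {i}")
        i = end
    if i >= len(s) or s[i] != ")":
        raise FilterSyntaxError(f"expected ')' at offset {i}")
    return i + 1


def check_filter(text):
    """Return None when text is a well-formed filter, else a description of the fault."""
    try:
        end = _parse_filter(text, 0)
        if end != len(text):
            raise FilterSyntaxError(f"trailing data at offset {end}")
    except FilterSyntaxError as exc:
        return str(exc)
    return None


FROM_POST = "(&(objectClass=organizationalPerson)(!userAccountControl=514))"
# Constructed corrections (not from the post). 514 = 512 (NORMAL_ACCOUNT) + 2
# (ACCOUNTDISABLE): the exact match only excludes accounts whose value is exactly
# 514, while the bit-AND matching rule tests the ACCOUNTDISABLE bit alone.
FIXED_EXACT = "(&(objectClass=organizationalPerson)(!(userAccountControl=514)))"
FIXED_BIT = "(&(objectClass=organizationalPerson)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))"

if __name__ == "__main__":
    for f in (FROM_POST, "(!userAccountControl=514)", FIXED_EXACT, FIXED_BIT):
        print(f, "->", check_filter(f) or "OK")
```

The checker rejects both filters the post reports as failing and accepts the one it reports as working, which is consistent with the `findRightParen` frame at the top of the stack trace.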