Problem with Wildfire LDAP to login to admin console

goudviske · May 31, 2006, 12:35pm

Hi,

I’‘ve installed Wildfire a couple of days ago, after some discussion we thought it’‘d be nice to be able to use the LDAP authentication using our W2k3 active directory server. And this is actually working, users can log on to the Spark client, but apparantly it’'s no longer possible to log on to the web console, which is however quite important…

I think the problem may be related with the admindn, wildfire has it’'s own account on the AD, which is in the structure as follows:

location.local

|-Department (OU)

| |-Accounts (OU)

| | |-Wildfire (User)

so the user is in the location.local domain, under the department ou, under the accounts ou, there’'s the Wildfire user.

Here’'s part from the config:

thanks in advance, and congrats on this fine FREEWARE product…

Message was edited by: goudviske

jeff_garner · May 31, 2006, 12:45pm

I have seen where the Windows AD guys use admin@domain.com instead of placing all of the cn=,ou=,dc= contexts. Have you tried something along this thought? I do not use AD, but you can search this forum and find a couple of config file examples that have this in place.

Jeff

goudviske · May 31, 2006, 1:10pm

I’‘ve tried it with the smtp address, user@domain.local, but doesn’'t seem to be resolved at first glance, but there are still a few things to try…

thanks for your help

jeff_garner · May 31, 2006, 1:28pm

Can you see your logs? If so anything of interest?

goudviske · May 31, 2006, 3:57pm

didn’'t see anything i think has something to do with it…

jeff_garner · May 31, 2006, 4:19pm

In your debug log, do you see anything dealing with your admin account when you attempt to login?

goudviske · June 1, 2006, 7:15am

If I try logging on with the admin account called Wildfire, it does not bring up anything in the log, if however I try logging on with “admin”, the standard I used before LDAP, I’‘m getting an error like it doesn’'t find the user name, which I think is somewhat normal… see below

I still think there’‘s something wrong with my adminDN, I’‘ve tried using the smtm, i’‘ve tried using domain\user aswell, neither seem to work, I suppose the user also has to be put in the authorisedUsernames tag, when I try logging on I’'ve also tried using just the username, the smtp, the domain\user, but neither seem to work…

2006.06.01 09:11:21 Exception thrown when searching for userDN based on username ‘‘admin’’

org.jivesoftware.wildfire.user.UserNotFoundException: Username admin not found

at org.jivesoftware.wildfire.ldap.LdapManager.findUserDN(LdapManager.java:493)

at org.jivesoftware.wildfire.ldap.LdapManager.findUserDN(LdapManager.java:428)

at org.jivesoftware.wildfire.ldap.LdapAuthProvider.authenticate(LdapAuthProvider.j ava:87)

at org.jivesoftware.wildfire.auth.AuthFactory.authenticate(AuthFactory.java:114)

at org.jivesoftware.wildfire.admin.login_jsp._jspService(login_jsp.java:134)

at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:94)

at javax.servlet.http.HttpServlet.service(HttpServlet.java:689)

at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:428)

at org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplica tionHandler.java:830)

at com.opensymphony.module.sitemesh.filter.PageFilter.doFilter(PageFilter.java:39)

at org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplica tionHandler.java:821)

at org.jivesoftware.util.LocaleFilter.doFilter(LocaleFilter.java:43)

at org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplica tionHandler.java:821)

at org.jivesoftware.util.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingF ilter.java:41)

at org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplica tionHandler.java:821)

at org.jivesoftware.admin.AuthCheckFilter.doFilter(AuthCheckFilter.java:98)

at org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplica tionHandler.java:821)

at org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler. java:471)

at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:568)

at org.mortbay.http.HttpContext.handle(HttpContext.java:1530)

at org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationContext.ja va:633)

at org.mortbay.http.HttpContext.handle(HttpContext.java:1482)

at org.mortbay.http.HttpServer.service(HttpServer.java:909)

at org.mortbay.http.HttpConnection.service(HttpConnection.java:816)

at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:982)

at org.mortbay.http.HttpConnection.handle(HttpConnection.java:833)

at org.mortbay.http.SocketListener.handleConnection(SocketListener.java:244)

at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357)

at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534)

goudviske · June 1, 2006, 8:04am

I found the problem,

I’'ve put admindn as smtp address again, but then I noticed that the user used as admin was for some reason locked out in active directory :s

so after all the SMTP address was the right answer

thanks for the help

jeff_garner · June 1, 2006, 12:05pm

No problem, glad to help!

Jeff