Problem with Wildfire LDAP to login to admin console


I've installed Wildfire a couple of days ago, after some discussion we thought it'd be nice to be able to use the LDAP authentication using our W2k3 Active Directory server. And this is actually working, users can log on to the Spark client, but apparently it's no longer possible to log on to the web console, which is however quite important…

I think the problem may be related to the admindn, Wildfire has its own account on the AD, which is in the structure as follows:


|-Department (OU)
| |-Accounts (OU)
| | |-Wildfire (User)

so the user is in the location.local domain, under the department ou, under the accounts ou, there's the Wildfire user.

Here's part from the config:

thanks in advance, and congrats on this fine FREEWARE product…

Message was edited by: goudviske


I have seen where the Windows AD guys use instead of placing all of the cn=,ou=,dc= contexts. Have you tried something along this thought? I do not use AD, but you can search this forum and find a couple of config file examples that have this in place.


I've tried it with the smtp address, user@domain.local, but it doesn't seem to be resolved at first glance, but there are still a few things to try…

thanks for your help

Can you see your logs? If so anything of interest?

didn't see anything I think has something to do with it…

In your debug log, do you see anything dealing with your admin account when you attempt to login?

If I try logging on with the admin account called Wildfire, it does not bring up anything in the log, if however I try logging on with "admin", the standard I used before LDAP, I'm getting an error like it doesn't find the user name, which I think is somewhat normal… see below

I still think there's something wrong with my adminDN, I've tried using the smtp, I've tried using domain\user as well, neither seem to work, I suppose the user also has to be put in the authorisedUsernames tag, when I try logging on I've also tried using just the username, the smtp, the domain\user, but neither seem to work…

2006.06.01 09:11:21 Exception thrown when searching for userDN based on username 'admin'
org.jivesoftware.wildfire.user.UserNotFoundException: Username admin not found
    at org.jivesoftware.wildfire.ldap.LdapManager.findUserDN(
    at org.jivesoftware.wildfire.ldap.LdapManager.findUserDN(
    at org.jivesoftware.wildfire.ldap.LdapAuthProvider.authenticate(LdapAuthProvider.java:87)
    at org.jivesoftware.wildfire.auth.AuthFactory.authenticate(
    at org.jivesoftware.wildfire.admin.login_jsp._jspService(
    at org.apache.jasper.runtime.HttpJspBase.service(
    at javax.servlet.http.HttpServlet.service(
    at org.mortbay.jetty.servlet.ServletHolder.handle(
    at org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplica
    at com.opensymphony.module.sitemesh.filter.PageFilter.doFilter(
    at org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplica
    at org.jivesoftware.util.LocaleFilter.doFilter(
    at org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplica
    at org.jivesoftware.util.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingF
    at org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplica
    at org.jivesoftware.admin.AuthCheckFilter.doFilter(
    at org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplica
    at org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:471)
    at org.mortbay.jetty.servlet.ServletHandler.handle(
    at org.mortbay.http.HttpContext.handle(
    at org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationContext.java:633)
    at org.mortbay.http.HttpContext.handle(
    at org.mortbay.http.HttpServer.service(
    at org.mortbay.http.HttpConnection.service(
    at org.mortbay.http.HttpConnection.handleNext(
    at org.mortbay.http.HttpConnection.handle(
    at org.mortbay.http.SocketListener.handleConnection(
    at org.mortbay.util.ThreadedServer.handle(
    at org.mortbay.util.ThreadPool$

I found the problem,

I've put admindn as smtp address again, but then I noticed that the user used as admin was for some reason locked out in Active Directory :s

so after all the SMTP address was the right answer

thanks for the help

No problem, glad to help!
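
The thread's root cause was a locked-out bind account, which looks the same from the application side as a wrongly formatted adminDN. As an added example (not part of the original posts and not Wildfire code), this sketch classifies the bind name format and decodes the sub-code Active Directory returns in a failed bind message; the sample bind name and server message are constructed, and the function names are hypothetical.

```python
import re

# Sub-codes Active Directory puts in the "data" field of a failed simple bind
# (LDAP result 49). The values are hexadecimal Win32 error codes.
AD_BIND_SUBCODES = {
    "525": "user not found",
    "52e": "invalid credentials (wrong password or bind name not resolved)",
    "530": "logon not permitted at this time",
    "531": "logon not permitted from this workstation",
    "532": "password expired",
    "533": "account disabled",
    "701": "account expired",
    "773": "user must reset password",
    "775": "account locked out",
}
_DATA_RE = re.compile(r"AcceptSecurityContext error, data ([0-9a-fA-F]+)")

def bind_name_format(name):
    """Classify the identity string used as the bind name (adminDN)."""
    if re.search(r"(?i)\b(cn|uid|ou|dc)=", name):
        return "distinguished name"
    if "\\" in name:
        return "down-level logon name (DOMAIN\\user)"
    if "@" in name:
        return "user principal name (user@domain)"
    return "bare username"

def diagnose_bind_failure(bind_name, server_message):
    """Return (name format, sub-code or None, reason) for a failed AD bind."""
    m = _DATA_RE.search(server_message)
    if m is None:
        return bind_name_format(bind_name), None, "no AD sub-code in message"
    code = m.group(1).lower()
    reason = AD_BIND_SUBCODES.get(code, "unrecognised AD sub-code")
    return bind_name_format(bind_name), code, reason

# Constructed sample input: an assumed bind name in the thread's user@domain
# style and an illustrative AD error string for a locked-out account.
SAMPLE_NAME = "wildfire@location.local"
SAMPLE_MSG = ("[LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, "
              "comment: AcceptSecurityContext error, data 775, vece]")

if __name__ == "__main__":
    fmt, code, reason = diagnose_bind_failure(SAMPLE_NAME, SAMPLE_MSG)
    print(f"bind name format: {fmt}")
    print(f"AD sub-code {code}: {reason}")
```

A sub-code of 775 points at the account state in the directory, while 525 or 52e points back at the bind name or password in the server configuration.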