The Issue is admin login doesn’'t work, even though the user and password is correct, the openldap server has been in use for years and is used daily. the admin username is in the admin users section of the wildfire.xml.
Here is the setup
Fedora core 5 wildfire 3.1.1 server
Installation went fine, started wildfire and use the web interface to configure the wildfire.xml file.
This connected to the database (mysql) properly, set the openldap parameters and test connection worked fine.
But when using the user test and group test pages no results would be returned.
so I stopped the wildfire server and configured the wildfire.xml file my hand.
wildfire server starts fine now. how ever the ldap authentication does not work.
*Here is the config: /opt/wildfire/conf/wildfire.xml
/searchFilter> memberUid
Note: The mysql server is on the same server as the wildfire is, the ldap server is running on a separate Redhat AS 3 box.
Here is the wildfire debug.log file after a startup and unsuccessful admin login
I know the username and password are correct since we use the ldap directory for all our linux cluster systems.
-bash-3.1$ more debug.log
2007.01.03 14:19:13 Created new LdapManager() instance, fields:
host:
port: 389
usernamefield: uid
baseDN: dc=ctg,dc=albany,dc=edu
alternateBaseDN: null
nameField: cn
emailField: mail
adminDN: null
adminPassword: null
searchFilter: (&(objectClass=posixAccount)(ou=People)(uid=))
subTreeSearch:true
ldapDebugEnabled: true
sslEnabled: false
initialContextFactory: com.sun.jndi.ldap.LdapCtxFactory
connectionPoolEnabled: false
autoFollowReferrals: false
groupNameField: cn
groupMemberField: memberUid
groupDescriptionField: description
posixMode: true
groupSearchFilter: (&(objectClass=posixGroup)(memberUid=))
2007.01.03 14:19:20 Loading plugin admin
2007.01.03 14:19:30 Loading plugin search
2007.01.03 14:22:36 Trying to find a user’'s DN based on their username. uid: superuser, Base DN: dc=ctg,dc=albany,dc=edu…
2007.01.03 14:22:36 Creating a DirContext in LdapManager.getContext()…
2007.01.03 14:22:36 Created hashtable with context values, attempting to create
context…
2007.01.03 14:22:36 … context created successfully, returning.
2007.01.03 14:22:36 Starting LDAP search…
2007.01.03 14:22:36 … search finished
2007.01.03 14:22:36 User DN based on username ‘‘superuser’’ not found.
2007.01.03 14:22:36 Exception thrown when searching for userDN based on username
‘‘superuser’’
How is the LDAP search constructing the userDN ?
If I use ldapsearch with the search filter I get the names from the ldap as expected.
-
extended LDIF
-
LDAPv3
-
base <dc=ctg,dc=albany,dc=edu> with scope subtree
-
filter: (objectClass=posixAccount)(ou=People)(uid=
like: ldapsearch -b “dc=ctg,dc=albany,dc=edu” “(objectClass=posixAccount)(ou=People)(uid=)” # ) -
requesting: ALL
dn: uid=user,ou=People,dc=ctg,dc=albany,dc=edu
Our plan is to use CAS authentication in to help integrate the user account and passwords.
http://www.ja-sig.org/products/cas/
Thanks
Derek