I need your help to solve my LDAP problem. I've been testing Wildfire since 3.0.1 and now I'm working with 3.1.1.
When I finish the LDAP wizard configuration I can't log in with the users that I entered as administrators; I get an Authentication Error. When I checked the debug file, it shows the following:
2007.01.12 11:55:04 Starting LDAP search…
2007.01.12 11:55:04 … search finished
2007.01.12 11:55:04 In LdapManager.checkAuthentication(userDN, password), userDN is: uid=“jfigueroa”…
2007.01.12 11:55:04 Created context values, attempting to create context…
2007.01.12 11:55:04 Caught a naming exception when creating InitialContext
javax.naming.AuthenticationException: LDAP: error code 49 - Invalid Credentials
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(Unknown Source)
And this is my wildfire.xml file:
(uid=)
I tested my Base DN and it works fine. I don't know what to do, please help me. Thanks in advance.
Hola Jorge,
When updating from 3.0.* to 3.1 the LDAP mapping configuration was changed. From what I can see you now have a mix of versions. Options:
- In remove the uid field since Wildfire will be adding it automatically. You may want to add something like the objectClass field to ensure that you are filtering out invalid elements.
- Back up the configuration file and run the setup process again by setting the element to false.
Regards,
– Gato
Turn your . Is there anything else in the logs, as it looks like the error you are getting isn't finding the username.
Also, just as a test, have you attempted to log in with the wildfire admin account to see what you get in the logs?
Jeff
Gaston,
Thanks for your reply. Well, just for the record, the 3.1.1 version I have installed is not an upgrade that I did; rather, it is installed on a new Linux test server that I have. I made the change you suggested, deleting the uid from the tag that has uid; however, when I run the test it gives me no error, but according to the test it should pull up a random user and it pulls up nothing.
In step 3 of 3, "Group Mapping", I did not modify anything; it has "cn", "member" and "description". In the test, the cn pulls up my users' names and also their description.
On the next screen, Administrator Account, I enter my account and the administrator's own, but when I run the test and enter the respective passwords I get "Authentication failed".
I have enabled debug to see the error, and it is the one I attached before.
Please, if you can give me more pointers to check, I will be very grateful.
Regards
Thanks for your time,
I turned the uid=“Administrator”,…
I don't know if this can be the problem, but the double quotes seem to be kind of different.
0E…`@…3uid=
“Administrator”,
ou=Users,dc=ffpf
ie,dc=com,dc=bo.
.123456
Second, in the debug.log:
I verified the same message that I showed you before
2007.01.12 16:57:24 In LdapManager.checkAuthentication(userDN, password), userDN is: uid=“Administrator”…
2007.01.12 16:57:24 Created context values, attempting to create context…
2007.01.12 16:57:24 Caught a naming exception when creating InitialContext
javax.naming.AuthenticationException: LDAP: error code 49 - Invalid Credentials
But now I notice that there is another message
2007.01.12 16:57:24
org.jivesoftware.wildfire.auth.UnauthorizedException: org.jivesoftware.wildfire.auth.UnauthorizedException: Username and password don't match
I also tried with the administrator account with the same results.
Please keep in touch, I need your help.
I am certain that you are using the proper user names; however, it does look like you are having username and password issues…
The invalid credentials point me in that direction of thought.
Jeff
Hi there,
I encountered the same problem using the latest 3.2.4 version.
Apparently the culprit is at LdapManager.java.
if (encloseUserDN) {
    // Enclose userDN values between "
    // eg. cn=John, Doe,ou=People --> cn="John, Doe",ou="People"
    Matcher matcher = userDNPattern.matcher(userDN);
    // The inner double quotes must be escaped inside the Java string literal
    userDN = matcher.replaceAll("$1\"$2\",");
    // Drop the trailing comma left by the replacement
    if (userDN.endsWith(",")) {
        userDN = userDN.substring(0, userDN.length() - 1);
    }
}
With the above code,
cn=user,o=domain translated to cn="user",o=domain
Apparently, our openldap failed to work when cn is enclosed with quotes.
After further reading the source code, I discovered that encloseUserDN is a configurable variable.
In your wildfire.xml
simply add this in your
and all should work well.
Cheers!
Wai Phang
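Added example, not part of the thread and not Wildfire's own code: the quoted DN form discussed above next to a backslash-escaped DN built with the JDK's `javax.naming.ldap` classes, which is the form RFC 4514 defines and which keeps commas and other special characters in a user name from changing the DN structure. The class name, method names, base DN and user names are constructed for illustration.

```java
import java.util.ArrayList;
import java.util.List;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;

public class UserDnEscaping {

    /** Quoted form, as seen in the thread's debug log: uid="name",ou=... */
    static String quotedDn(String attr, String value, String baseDn) {
        return attr + "=\"" + value + "\"," + baseDn;
    }

    /** Backslash-escaped form, produced by the JDK rather than by a regex. */
    static String escapedDn(String attr, String value, String baseDn)
            throws InvalidNameException {
        // getRdns() lists the base DN right to left, so the user RDN is added last.
        List<Rdn> rdns = new ArrayList<>(new LdapName(baseDn).getRdns());
        rdns.add(new Rdn(attr, value)); // Rdn escapes the raw value when printed
        return new LdapName(rdns).toString();
    }

    /** Parses a DN and returns the unescaped value of its leftmost RDN. */
    static Object leftmostValue(String dn) throws InvalidNameException {
        LdapName parsed = new LdapName(dn);
        return parsed.getRdn(parsed.size() - 1).getValue();
    }

    public static void main(String[] args) throws InvalidNameException {
        String baseDn = "ou=People,dc=example,dc=org";              // constructed
        String[] names = { "jdoe", "Doe, John", "a+b=c", "#lead" }; // constructed

        for (String name : names) {
            String escaped = escapedDn("cn", name, baseDn);
            System.out.println("quoted : " + quotedDn("cn", name, baseDn));
            System.out.println("escaped: " + escaped);

            // Round trip: the escaped DN must parse back to the original value,
            // otherwise a special character has altered the DN structure.
            if (!name.equals(leftmostValue(escaped))) {
                throw new IllegalStateException("round trip failed for " + name);
            }
        }
    }
}
```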