Hello
I often use LDAP browser to confirm my credentials are correct,
by setting up a connection to an AD server. If that works OK then I would need
the help of our AD admin.
http://download.softerra.com/files/ldapbrowser26.msi
This is our LDAP config
auth.type.ldap.server_ssl.1=false
auth.type.ldap.ldap_version.1=3
auth.type.ldap.deref_aliases.1=never
auth.type.ldap.server_url.1=ldap://livad.liv.ac.uk:389
auth.type.ldap.base_search_fdn.1=OU=UOL,DC=livad,DC=liv,DC=ac,DC=uk
auth.type.ldap.use_priv_user.1=true
auth.type.ldap.user_fdn.1=CN=some_account,OU=Service Accounts,OU=UOL,DC=livad,DC=liv,DC=ac,DC=uk
auth.type.ldap.user_pwd.1=some_password
auth.type.ldap.user_tag.1=mailNickName
auth.type.ldap.referral.1=ignore
auth.type.ldap.referral_limit.1=0
auth.type.ldap.timeout.1=60000
auth.type.ldap.server_error_fatal.1=true
auth.type.ldap.context_factory.1=blackboard.platform.security.authentication.PasswordPolicyContextFactory
Thanks, Jake
--------------------------------------------
Jake Gannon
Computing Services
The University of Liverpool
External: 0151 794 4458
Internal: 44458
--------------------------------------------
From: Blackboard/Courseinfo userslist On Behalf Of Paul Beal
Sent: 14 December 2007 16:37
Subject: Re: ldap
Hello
It would appear that way; the error 49 indicates that there are
account issues, but the account used is used elsewhere within the college
systems to authenticate against AD and the account works there.
Assuming that the box the bb web app runs on, the services run
local to the box and not the domain, so I have given privileges to the 2 bb
services authorisation on the domain to see if that works, but to no avail.
Best Regards,
Paul Beal
Server / Applications Administrator
Doncaster College
From: Blackboard/Courseinfo userslist On Behalf Of Gannon, Jake
Sent: 14 December 2007 16:26
Subject: Re: ldap
Hello
Sounds like you are not connecting to AD at all.
Error 49: LDAP_INVALID_CREDENTIALS: Indicates that during a bind
operation one of the following occurred:
The client passed either an incorrect DN or password.
The password is incorrect because it has expired, locked
account, or some other similar reason.
Thanks, Jake
--------------------------------------------
Jake Gannon
Computing Services
The University of Liverpool
External: 0151 794 4458
Internal: 44458
--------------------------------------------
From: Blackboard/Courseinfo userslist On Behalf Of Paul Beal
Sent: 14 December 2007 16:23
Subject: ldap
Hello
BB 6.2.3.23
I am having trouble setting up LDAP against a dev version of BB running on a
virtual server.
What part of the user db (batch_uid, user_uid, etc) when the user logs in gets
passed to the AD box for authentication?
I am assuming that it uses user_id as this is the correct entry against AD, then
passed back to BB then appropriate courses are then listed?
I have edited the authentication.properties as mentioned in the manual using the
sAMAccount tag and a privileged user to read the AD tree.
Accounts still fail the authentication; when I go on the web app box and read the
logs, the most common messages I get are LDAP error 49 and another one that
appears is Connection refused.
Is there something glaringly obvious that I have missed regarding ldap?
I am going to re-read the ‘manual’ over the weekend to see if I can
spot anything I have missed but any suggestions would be appreciated, on or off
list.
Many thanks in advance.
Best Regards,
Paul Beal
Server / Applications Administrator
Doncaster College
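
Added example, not part of the original thread and not Blackboard code: when the directory is Active Directory, the diagnostic text that accompanies error 49 normally carries a hexadecimal "data" sub-code that separates the causes listed in the thread (wrong DN or password, expired password, locked account), and "Connection refused" is a separate network failure. The log lines below are constructed in the usual JNDI message shape, which is an assumption about what the Blackboard logs contain; the function names are illustrative.

```python
import re

# AD sub-codes in the "data NNN" field of an error 49 message (hex Win32 codes).
AD_SUBCODES = {
    "525": "user not found (bind DN does not exist)",
    "52e": "invalid credentials (account exists, password wrong)",
    "530": "logon not permitted at this time",
    "531": "logon not permitted from this workstation",
    "532": "password expired",
    "533": "account disabled",
    "701": "account expired",
    "773": "user must reset password",
    "775": "account locked out",
}
ERR49 = re.compile(r"error code 49\b(?:.*?\bdata\s+([0-9a-f]+))?", re.I)

def classify(line):
    """Return (category, detail) for one log line, or None if unrelated."""
    if "connection refused" in line.lower():
        return ("network", "TCP connect failed: check server_url host and port")
    m = ERR49.search(line)
    if not m:
        return None
    if m.group(1) is None:
        return ("bind", "invalid credentials (no AD sub-code present)")
    code = m.group(1).lower()
    return ("bind", AD_SUBCODES.get(code, "unrecognised sub-code " + code))

def summarize(lines):
    """Count each distinct finding so the dominant cause stands out."""
    counts = {}
    for line in lines:
        finding = classify(line)
        if finding:
            counts[finding] = counts.get(finding, 0) + 1
    return counts

# Constructed sample lines (hostname and DSID values are made up).
SAMPLE_LOG = [
    "javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: "
    "LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 52e, vece]",
    "javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: "
    "LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 775, vece]",
    "javax.naming.CommunicationException: ad.example.edu:389 [Root exception is java.net.ConnectException: Connection refused]",
    "javax.naming.AuthenticationException: [LDAP: error code 49 - Invalid Credentials]",
]
if __name__ == "__main__":
    for finding, n in summarize(SAMPLE_LOG).items():
        print(n, *finding)
```

A sub-code of 52e on the privileged account points at user_pwd, while 525 points at the DN in user_fdn.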