We have a set up for Shibboleth idp that includes CAS server (Central Authentication Server by Jasig) in the middle and it is the CAS that authenticates to AD.
All I did to change to 2008 was change the name of the LDAP server in the deployerconfig file to be the new one.
Now that I've just written that down, it probably isn't shibboleth that is my issue - it will be the CAS, nothing like a good panic to mess with the mind! We never had CAS before we got Shibboleth and I have a tendency to think that it is all one beast.
VLE Development Co-ordinator
Tel 01623 627191 ext 8564
Please consider the environment before printing this email.
From: Discussion list for Shibboleth developments [mailto:[log in to unmask]] On Behalf Of Rod Widdowson
Sent: 07 December 2010 18:01
To: [log in to unmask]
Subject: Re: AD on Windows Server 2008 R2 - any issues?
I've used W2k8 extensively without problems. But not in this particular set up. I'm a bit confused when you say "using CAS" but also "authenticating against Active directory". Just to clarify my mind when you say "switching our authentication from pointing the 2003 server to the 2008 server " What did you change?
> now we get the HTTP Status 404 error telling me Apache
> Tomcat is not available.
This might be as easy as an XML syntax issue. I'd first check the logs for anything obvious..
> -----Original Message-----
> From: Discussion list for Shibboleth developments [mailto:[log in to unmask]] On Behalf Of
> Heather Peake
> Sent: 07 December 2010 12:58
> To: [log in to unmask]
> Subject: AD on Windows Server 2008 R2 - any issues?
> We have a version 2 IDP up and running on a Windows server with Apache using CAS and authenticating
> against Active Directory on a Windows Server 2003.
> They are migrating AD to a Windows server 2008 R2.
> Currently the AD is the same on both types of server. I just tried switching our authentication from
> pointing the 2003 server to the 2008 server and now we get the HTTP Status 404 error telling me Apache
> Tomcat is not available.
> For the time being I've switched it back to the 2003 server, but long term this is in demise.
> Is there something significantly different between authenticating to 2003 and 2008 R2. Can anybody
> point me at appropriate info that I've clearly missed? I will admit to being not very good with
> Shibboleth and thus fairly hopeless at trouble shooting it.
> Today's foray into the unknown world of server 2008 was because we were getting reports from the Gale
> group resources saying we were not releasing attributes which made no sense as we have made no changes
> it was just chugging a long happily. We had noticed a clock issue this morning and to be honest I was
> hoping that was it, but thought we would try the new AD server because it needed trying.
Ofsted Outstanding, National Beacon College, IiP Gold Standard and 14th best place to work in the public sector
"Excellent employer engagement... Imaginative and highly effective approach
to social inclusion... Excellent communication, high staff morale and visionary
leadership". (Ofsted 2008)
To view our disclaimer please follow this link