Help coderanch get a
new server
by contributing to the fundraiser
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Paul Clapham
  • Devaka Cooray
  • Liutauras Vilda
Sheriffs:
  • Jeanne Boyarsky
  • paul wheaton
  • Henry Wong
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Tim Moores
  • Carey Brown
  • Mikalai Zaikin
Bartenders:
  • Lou Hamers
  • Piet Souris
  • Frits Walraven

Multi Dimensional LDAP

 
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Greetings Again;

I am trying to set up JForum with LDAP.

I had our System Administrator look over the procedure for setting up LDAP and found this problem. He gave me a test case to test it out and sure enough, he was right.

We have a LDAP tree that lookslike this

o=organization
---ou=depts
------ou=dept1
---------cn=user1
---------cn=user2
------ou=dept2
---------cn=user3


So.. Assuming I am "user1".
Within the SystemGlobal.properties I changed the ldap.login.suffic to: ou=dept1,ou=depts,o=organization

Unfortunately, this worked. But it also means that only people under dept1 will be able to log in.

Do you have any suggestions on how to alleviate this?

Many thanks,

--Dave

[originally posted on jforum.net by Anonymous]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
The account you're using as Admin is not associated to the Administrators group. Tables are jforum_groups and jforum_user_groups.

Rafael
[originally posted on jforum.net by Rafael Steil]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Can you provide a sample configuration file of how the config should look like, please?

Rafael
[originally posted on jforum.net by Rafael Steil]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
# #######
# LDAP
# #######
# Security protocol to use, e.g: "ssl"
# Leave it empty (default) to let the provider figure it out
ldap.security.protocol =

# Security authentication to use. Possible values: "none", "simple", "strong",
# "EXTERNAL" (SASL). Leave empty (default) to let the provider figure it out
ldap.authentication =

# Class that provides a LDAP factory
ldap.factory = com.sun.jndi.ldap.LdapCtxFactory

# The prefix your LDAP server requires. e.g 'uid='
# The username supplied gets inserted just after the prefix,
# e.g: 'uid=username' so adjust the prefix properly
ldap.login.prefix = cn=

# The suffix your LDAP server requires.
# e.g 'ou=Users,dc=department,dc=company,dc=com'
ldap.login.suffix = o=organization

# The url of your LDAP server.
# Notice that if your LDAP server uses SSL you will need to configure your
# server certificate so that Java Secure Sockets Extension (JSSE) will accept it.
# Read http://java.sun.com/products/jndi/tutorial/ldap/security/ssl.html
ldap.server.url = ldap://ldap.our.organization.com

# Field that holds the user's email
ldap.field.email = mail

************************************************************
In talking with our system/network administrator and looking at some others code, it came to our attention that there needs to be some paramater to tell you whether or not a subtree exists? Just a thought.

I hope this clarifies.

Many many thanks again,

--Dave



PS: It seems as if since I put LDAP authentication togheter, I can no longer log in as Admin. Suggestions?


[originally posted on jforum.net by dcrumb]
 
Don't get me started about those stupid light bulbs.
reply
    Bookmark Topic Watch Topic
  • New Topic