Portal and using openxchange ldap for users
veroland Oct 19, 2007 3:24 AM
Hi All
First off, I am using
Portal 2.6.2
JBoss AS 4.2.1 GA
I have changed portal to authenticate using my openldap directory. Users can authenticate with no problem; however, I cannot seem to pick up the admin user from the Admin role.
I have created a Role called Admin in my ldap server.
I am getting no errors and am stuck.
My ldap_identity_config.xml file looks like this at the moment:
<?xml version="1.0" encoding="UTF-8"?>
<!--~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  ~ JBoss, a division of Red Hat                                              ~
  ~ Copyright 2006, Red Hat Middleware, LLC, and individual                   ~
  ~ contributors as indicated by the @authors tag. See the                    ~
  ~ copyright.txt in the distribution for a full listing of                   ~
  ~ individual contributors.                                                  ~
  ~                                                                           ~
  ~ This is free software; you can redistribute it and/or modify it           ~
  ~ under the terms of the GNU Lesser General Public License as               ~
  ~ published by the Free Software Foundation; either version 2.1 of          ~
  ~ the License, or (at your option) any later version.                       ~
  ~                                                                           ~
  ~ This software is distributed in the hope that it will be useful,          ~
  ~ but WITHOUT ANY WARRANTY; without even the implied warranty of            ~
  ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU          ~
  ~ Lesser General Public License for more details.                           ~
  ~                                                                           ~
  ~ You should have received a copy of the GNU Lesser General Public          ~
  ~ License along with this software; if not, write to the Free               ~
  ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA        ~
  ~ 02110-1301 USA, or see the FSF site: http://www.fsf.org.                  ~
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~-->
<!--<!DOCTYPE identity-configuration PUBLIC "-//JBoss Portal//DTD JBoss Identity Configuration 1.0//EN" "http://www.jboss.org/portal/dtd/identity-config_1_0.dtd">-->
<identity-configuration>
   <datasources>
      <datasource>
         <name>LDAP</name>
         <config>
            <option>
               <name>host</name>
               <value>192.168.0.2</value>
            </option>
            <option>
               <name>port</name>
               <value>389</value>
            </option>
            <option>
               <name>adminDN</name>
               <value>
                  uid=xxxx,ou=people,dc=symbiotics,dc=co,dc=za
               </value>
            </option>
            <option>
               <name>adminPassword</name>
               <value>xxxx</value>
            </option>
            <!--<option>
               <name>protocol</name>
               <value>ssl</value>
            </option>-->
         </config>
      </datasource>
   </datasources>
   <modules>
      <module>
         <!--type used to correctly map in IdentityContext registry-->
         <type>User</type>
         <implementation>LDAP</implementation>
         <config />
      </module>
      <module>
         <type>Role</type>
         <implementation>LDAP</implementation>
         <config />
      </module>
      <module>
         <type>Membership</type>
         <implementation>LDAP</implementation>
         <config />
      </module>
      <module>
         <type>UserProfile</type>
         <implementation>DELEGATING</implementation>
         <config>
            <option>
               <name>ldapModuleJNDIName</name>
               <value>java:/portal/LDAPUserProfileModule</value>
            </option>
         </config>
      </module>
      <module>
         <type>DBDelegateUserProfile</type>
         <implementation>DB</implementation>
         <config>
            <option>
               <name>randomSynchronizePassword</name>
               <value>true</value>
            </option>
         </config>
      </module>
      <module>
         <type>LDAPDelegateUserProfile</type>
         <implementation>LDAP</implementation>
         <config />
      </module>
   </modules>
   <options>
      <option-group>
         <group-name>common</group-name>
         <option>
            <name>userCtxDN</name>
            <value>ou=people,dc=symbiotics,dc=co,dc=za</value>
         </option>
         <option>
            <name>roleCtxDN</name>
            <value>
               ou=Roles,o=Portal,dc=symbiotics,dc=co,dc=za
            </value>
         </option>
      </option-group>
   </options>
   <option-group>
      <group-name>userCreateAttibutes</group-name>
      <option>
         <name>objectClass</name>
         <!--This objectclasses should work with Red Hat Directory-->
         <value>top</value>
         <value>person</value>
         <value>inetOrgPerson</value>
      </option>
      <!--Schema requires those to have initial value-->
      <option>
         <name>cn</name>
         <value>none</value>
      </option>
      <option>
         <name>sn</name>
         <value>none</value>
      </option>
   </option-group>
   <option-group>
      <group-name>roleCreateAttibutes</group-name>
      <!--Schema requires those to have initial value-->
      <option>
         <name>cn</name>
         <value>none</value>
      </option>
      <!--Some directory servers require this attribute to be valid DN-->
      <!--For safety reasons point to the admin user here-->
      <option>
         <name>member</name>
         <value>uid=admin,ou=people,dc=symbiotics,dc=co,dc=za</value>
      </option>
   </option-group>
</identity-configuration>
An extract of my LDIF looks like this:
dn: ou=people, dc=symbiotics,dc=co,dc=za
ou: people
objectClass: top
objectClass: organizationalUnit

dn: uid=admin, ou=people, dc=symbiotics,dc=co,dc=za
preferredLanguage: EN
userCountry: US
objectClass: top
objectClass: shadowAccount
objectClass: posixAccount
objectClass: person
objectClass: inetOrgPerson
objectClass: OXUserObject
objectClass: organizationalPerson
lnetMailAccess: OK
imapServer: 127.0.0.1
userPassword:: e1NIQX0wRFBpS3VOSXJyVm1EOElVQ3V3MWhReE5xWmM9
OXAppointmentDays: 5
smtpServer: 127.0.0.1
uid: admin
mail: admin@symbiotics.co.za
uidNumber: 1008
cn: admin
colocRouteAddr: admin@localhost
loginShell: /bin/false
alias: admin@symbiotics.co.za
gidNumber: 1100
o: symbiotics
mailDomain: symbiotics.co.za
OXTaskDays: 5
homeDirectory: /home/admin
sn: admin
OXTimeZone: America/New_York
mailEnabled: OK

dn: ou=addr,uid=admin, ou=people, dc=symbiotics,dc=co,dc=za
ou: addr
objectClass: top
objectClass: organizationalUnit

dn: o=Portal, dc=symbiotics,dc=co,dc=za
objectClass: top
objectClass: organization
o: Portal

dn: ou=Roles, o=Portal, dc=symbiotics,dc=co,dc=za
ou: Roles
objectClass: top
objectClass: organizationalUnit

dn: cn=Admin,ou=Roles, o=Portal, dc=symbiotics,dc=co,dc=za
objectClass: top
objectClass: groupOfNames
description: Admin
member: uid=admin,ou=people,dc=symbiotics,dc=co,dc=za
cn: Admin
I have no idea what I have checked the default-object.xml and the viewrecursive still points to Admin.
Any help will be greatly appreciated.
Thanks
Marius
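Added example, not part of the original post and not JBoss Portal code: a small offline check that, given an LDIF export, confirms each `member` DN of a role under `roleCtxDN` resolves to an existing entry under `userCtxDN`, comparing DNs after normalizing case and the whitespace that differs between the `dn:` and `member:` lines above. It assumes membership is stored in the role entry's `member` attribute as in the posted groupOfNames entry; the function names and the `uid=ghost` member are constructed for illustration.

```python
import re

# Constructed sample: trimmed from the LDIF extract above, plus one
# made-up dangling member (uid=ghost) to show the failure case.
SAMPLE_LDIF = """\
dn: uid=admin, ou=people, dc=symbiotics,dc=co,dc=za
objectClass: inetOrgPerson
uid: admin

dn: cn=Admin,ou=Roles, o=Portal, dc=symbiotics,dc=co,dc=za
objectClass: groupOfNames
cn: Admin
member: uid=admin,ou=people,dc=symbiotics,dc=co,dc=za
member: uid=ghost,ou=people,dc=symbiotics,dc=co,dc=za
"""

def norm_dn(dn):
    """Lower-case a DN and strip spaces around RDNs (no escaped commas)."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def parse_ldif(text):
    """Return {normalized dn: {attr: [values]}} for unfolded LDIF text."""
    entries = {}
    for block in re.split(r"\n\s*\n", text.strip()):
        attrs = {}
        for line in block.splitlines():
            if line.startswith("#") or ": " not in line:
                continue
            name, value = line.split(": ", 1)
            attrs.setdefault(name.lower(), []).append(value.strip())
        if "dn" in attrs:
            entries[norm_dn(attrs["dn"][0])] = attrs
    return entries

def role_members(entries, role_ctx_dn, user_ctx_dn, role_cn):
    """Split a role's member DNs into (resolved, dangling) lists."""
    role = entries.get(norm_dn(f"cn={role_cn},{role_ctx_dn}"))
    if role is None:
        raise LookupError(f"no role cn={role_cn} under {role_ctx_dn}")
    suffix = "," + norm_dn(user_ctx_dn)
    resolved, dangling = [], []
    for member in role.get("member", []):
        dn = norm_dn(member)
        # A member counts only if the entry exists and sits under userCtxDN.
        ok = dn in entries and dn.endswith(suffix)
        (resolved if ok else dangling).append(dn)
    return resolved, dangling

if __name__ == "__main__":
    print(role_members(parse_ldif(SAMPLE_LDIF),
                       "ou=Roles,o=Portal,dc=symbiotics,dc=co,dc=za",
                       "ou=people,dc=symbiotics,dc=co,dc=za", "Admin"))
```

A non-empty dangling list means the role grants membership to a DN that does not exist under the user context, which is worth reviewing for any role that carries administrative rights.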