0 Replies Latest reply on Sep 29, 2006 5:13 PM by D Johnson

    LDAP and Active Directory

    D Johnson Newbie

      I was trying to get LDAP to authenticate to AD. I have it authenticating the user, but the groups/roles are not being found in the memberOf property, although it has found the property and reported it back to the log file.

      Here is the log output. Does anyone know how the role is resolved when a user has multiple group/role assignments?

      *************************************************************
      16:03:52,804 DEBUG [AuthenticatorBase] Authenticated 'fsj1234' with type 'FORM'
      16:03:52,804 DEBUG [FormAuthenticator] Proceed to restored request
      16:03:52,804 DEBUG [AuthenticatorBase] Calling accessControl()
      16:03:52,804 DEBUG [RealmBase] Username fsj1234 does NOT have role Authenticated
      16:03:52,804 DEBUG [AuthenticatorBase] Failed accessControl() test
      16:03:55,351 DEBUG [ManagerBase] Start expire sessions StandardManager at 1159563835351 sessioncount 0
      16:03:55,351 DEBUG [ManagerBase] End expire sessions StandardManager processingTime 0 expired sessions: 0
      16:03:55,351 DEBUG [ManagerBase] Start expire sessions StandardManager at 1159563835351 sessioncount 0
      16:03:55,351 DEBUG [ManagerBase] End expire sessions StandardManager processingTime 0 expired sessions: 0
      16:03:55,351 DEBUG [ManagerBase] Start expire sessions StandardManager at 1159563835351 sessioncount 0
      16:03:55,351 DEBUG [ManagerBase] End expire sessions StandardManager processingTime 0 expired sessions: 0
      16:03:55,351 DEBUG [ManagerBase] Start expire sessions StandardManager at 1159563835351 sessioncount 0
      16:03:55,351 DEBUG [ManagerBase] End expire sessions StandardManager processingTime 0 expired sessions: 0
      16:03:55,351 DEBUG [ManagerBase] Start expire sessions StandardManager at 1159563835351 sessioncount 0
      16:03:55,351 DEBUG [ManagerBase] End expire sessions StandardManager processingTime 0 expired sessions: 0
      16:03:55,351 DEBUG [ManagerBase] Start expire sessions StandardManager at 1159563835351 sessioncount 0
      16:03:55,351 DEBUG [ManagerBase] End expire sessions StandardManager processingTime 0 expired sessions: 0
      16:03:55,351 DEBUG [ManagerBase] Start expire sessions StandardManager at 1159563835351 sessioncount 1
      16:03:55,351 DEBUG [ManagerBase] End expire sessions StandardManager processingTime 0 expired sessions: 0
      16:03:55,351 DEBUG [ManagerBase] Start expire sessions StandardManager at 1159563835351 sessioncount 0
      16:03:55,351 DEBUG [ManagerBase] End expire sessions StandardManager processingTime 0 expired sessions: 0
      16:03:55,351 DEBUG [ManagerBase] Start expire sessions StandardManager at 1159563835351 sessioncount 0
      16:03:55,351 DEBUG [ManagerBase] End expire sessions StandardManager processingTime 0 expired sessions: 0
      16:03:55,523 DEBUG [CoyoteAdapter] Requested cookie session id is BA0A9A7A6B8D3843C066BCE188C17D85
      16:03:55,523 DEBUG [AuthenticatorBase] Security checking request GET /portal
      16:03:55,523 DEBUG [AuthenticatorBase] We have cached auth type FORM for principal GenericPrincipal[fsj1234(CN=AccessIT,CN=Users,DC=mydomain,DC=com,CN=Admin,OU=Security Groups,OU=mydomain Users,DC=mydomain,DC=com,CN=Citrix Users,OU=Farm,OU=Citrix,DC=mydomain,DC=com,CN=GG AP All Associates,OU=Security Groups,OU=mydomain Users,DC=mydomain,DC=com,CN=GG AP All Information Systems,OU=Security Groups,OU=mydomain Users,DC=mydomain,DC=com,CN=GG AP Portal Admins,OU=Security Groups,OU=mydomain Users,DC=mydomain,DC=com,CN=GG AP Portal Module Administrators,OU=Security Groups,OU=mydomain Users,DC=mydomain,DC=com,CN=GG FA Associate Portal Development,CN=Users,DC=mydomain,DC=com,CN=GG FA HROL Credentialing File Access,)]
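
A diagnostic sketch for the log above, added here and not part of the original post or of the container's code: it splits the comma-joined `memberOf` values from the `GenericPrincipal[...]` line into individual group DNs and compares the required role with them. It assumes the role check is an exact string comparison against each stored value; the function names and the shortened sample string are constructed for illustration.

```python
import re

# Constructed sample: a shortened copy of the role list printed inside
# GenericPrincipal[fsj1234(...)] in the log above, including its cut-off tail.
SAMPLE_ROLES = (
    "CN=AccessIT,CN=Users,DC=mydomain,DC=com,"
    "CN=Admin,OU=Security Groups,OU=mydomain Users,DC=mydomain,DC=com,"
    "CN=GG AP Portal Admins,OU=Security Groups,OU=mydomain Users,DC=mydomain,DC=com,"
    "CN=GG FA HROL Credentialing File Access,"
)

def split_group_dns(role_string):
    """Split comma-joined DNs into (complete_dns, truncated_tail).

    A new DN starts where a non-DC RDN follows a DC RDN; a final run that
    does not end in DC= is reported as truncated rather than guessed at.
    """
    rdns = [r.strip() for r in re.split(r"(?<!\\),", role_string) if r.strip()]
    dns, current = [], []
    for rdn in rdns:
        is_dc = rdn.upper().startswith("DC=")
        if current and current[-1].upper().startswith("DC=") and not is_dc:
            dns.append(",".join(current))
            current = []
        current.append(rdn)
    if current and current[-1].upper().startswith("DC="):
        dns.append(",".join(current))
        current = []
    return dns, ",".join(current)

def group_cn(dn):
    """Return the leading CN value of a group DN, or None if it has none."""
    m = re.match(r"(?i)CN=((?:\\.|[^,])*)", dn)
    return m.group(1) if m else None

def check_role(required_role, role_string):
    """Compare a required role with the stored values (hypothetical helper)."""
    dns, tail = split_group_dns(role_string)
    wanted = required_role.lower()
    return {
        "exact_match": required_role in dns,  # assumed container behaviour
        "cn_matches": [d for d in dns if (group_cn(d) or "").lower() == wanted],
        "truncated_tail": tail,
    }

if __name__ == "__main__":
    for role in ("Authenticated", "Admin"):
        print(role, check_role(role, SAMPLE_ROLES))
```

With this sample, `Authenticated` matches neither a full DN nor any group's CN, while `Admin` matches a CN but still fails the exact comparison because the stored value is the whole DN.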