0 Replies Latest reply on Jul 7, 2010 5:51 AM by vasuki hn

    Failed to retrieve Active directory Roles

    vasuki hn Newbie

      Hi All,

      I am using Active Directory(AD) for authentication and authorization. Authentication is working fine if I use CN for username.
      When I come to authorization, I have few groups created in AD and added few users to those groups.
      But no attribute in the User record holds the list of roles assigned to a user. So i am worried which attribute to configure for user-role-attribute property in my configuration file(components.xml).

      When i used JExplorer and logged into it and accessed a particular recoed, I was able to see memberof attribute holding list of group names. But i dont see that attribute in AD.

      Could anyone help me in solving this problem?

      I will attach my components.xml file code.

      <security:identity authenticate-method="#{authenticator.authenticate}"/>
         <security:identity-manager name="identityManager"  identity-store="#{ldapIdentityStore}" role-identity-store="#{ldapIdentityStore}"/> 
         <security:ldap-identity-store name="ldapIdentityStore" 
                user-object-classes="person, user, organizationalPerson, top"