0 Replies Latest reply on May 6, 2015 12:05 PM by Thabo Kitime

    CommunicationException: simple bind failed

    Thabo Kitime Newbie

      Hi All,

       

      I fairly new to EAP but come from a Websphere background. I'm currently trying to configure AD authentication however I'm having challenges. I've configured the standalone-full.xml to included AD but I'm getting the below exception:

       

      CommunicationException: simple bind failed 14.1.1.2:3268 [Root exception is java.net.SocketException: Connection reset]

       

      Below is an extract of my authentication tag configured on the HTTPS  security realm:

       

                  <security-realm name="HTTPS">

                      <server-identities>

                          <ssl>

                              <keystore path="server.keystore" relative-to="jboss.server.config.dir" keystore-password="mykeystorepass" alias="jboss"/>

                          </ssl>

                      </server-identities>

                      <authentication>

                          <ldap connection="ldap_connection" base-dn="DC=directory,DC=com" recursive="true">

                          <advanced-filter filter="(&amp;(sAMAccountName={0})(memberOf=CN=Domain-DNS,CN=Schema,CN=Configuration,DC=directory,DC=com))"/>

                          </ldap>

                      </authentication>

                  </security-realm>

              </security-realms>

              <outbound-connections>

                  <ldap name="ldap_connection" url="ldap://14.1.1.2:3268" search-dn="CN=AD_User" search-credential="pass" initial-context-factory="com.sun.jndi.ldap.LdapCtxFactory" security-realm="HTTPS"/>

              </outbound-connections>

       

      It doesn't even look like the AD user is binding:

       

      22:46:06,512 TRACE [org.jboss.as.domain.management.security] (HttpManagementService-threads - 1) Searching for user 'AD_User@directory.com' using filter '(&(sAMAccountName={0})(memberOf=CN=Domain-DNS,CN=Schema,CN=Configuration,DC=directory,DC=com))"/>

      22:46:06,512 TRACE [org.jboss.as.domain.management.security] (HttpManagementService-threads - 1) Searching for user 'AD_User@directory.com' using filter '(&(sAMAccountName={0})(memberOf=CN=Domain-DNS,CN=Schema,CN=Configuration,DC=directory,DC=com))"/>

      22:46:06,513 TRACE [org.jboss.as.domain.management.security] (HttpManagementService-threads - 1) Connecting to LDAP with properties ({java.naming.referral=ignore, java.naming.security.principal=CN=AD_User, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.ldap.factory.socket=org.jboss.as.domain.management.connections.ldap.ThreadLocalSSLSocketFactory, java.naming.security.credentials=***, java.naming.provider.url=ldap://14.1.1.2:3268})

      22:46:06,513 TRACE [org.jboss.as.domain.management.security] (HttpManagementService-threads - 1) Connecting to LDAP with properties ({java.naming.referral=ignore, java.naming.security.principal=CN=AD_User, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.ldap.factory.socket=org.jboss.as.domain.management.connections.ldap.ThreadLocalSSLSocketFactory, java.naming.security.credentials=***, java.naming.provider.url=ldap://14.1.1.2:3268})

      22:46:06,522 TRACE [org.jboss.as.domain.management.security] (HttpManagementService-threads - 1) Unable to verify identity.: javax.naming.NamingException: JBAS011843: Failed instantiate InitialContextFactory com.sun.jndi.ldap.LdapCtxFactory from classloader ModuleClassLoader for Module "org.jboss.as.domain-management:main" from local module loader @1caa270d (finder: local module finder @66e9d52e (roots: /opt/jboss-6.3/modules,/opt/jboss-6.3/modules/system/layers/base/.overlays/layer-base-jboss-eap-6.3.2.CP,/opt/jboss-6.3/modules/system/layers/base)) [Root exception is javax.naming.CommunicationException: simple bind failed 14.1.1.2:3268 [Root exception is java.net.SocketException: Connection reset]

       

       

      Could you kindly advise what could cause this and how this error can be mitigated. Oh to mention this is on EAP 6.3.0

       

      Thank you in this regard.

       

      Regards

      Thabo Kitime