Hi,
I'm configuring LDAPLoginModule as follows:
<login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required">
  <module-option name="java.naming.provider.url">ldap://server.mydomain.com:389/</module-option>
  <module-option name="rolesCtxDN">cn=Users,dc=mydomain,dc=com,</module-option>
  <module-option name="matchOnUserDN">false</module-option>
  <module-option name="principalDNSuffix">@mydomain.com</module-option>
  <module-option name="uidAttributeID">sAMAccountName</module-option>
  <module-option name="roleAttributeID">memberOf</module-option>
  <module-option name="roleAttributeIsDN">true</module-option>
  <module-option name="roleNameAttributeID">name</module-option>
</login-module>
Show some ldif for the case in question so that one can understand what the AD schema in use is.