Cannot authenticate LDAP with SAMAccountName

francoisbnc · ‎2013-04-07

Hi

I cannot authenticate via LDAP with the following configuration

User Name Attribute SAMAccountName

2013-04-05 12:40:47,137 CEST INFO [com.netapp.wfa.ldap.LdapLoginModule] (http-0.0.0.0-80-24) Looking up user 'itsfe' in LDAP servers

2013-04-05 12:40:47,683 CEST ERROR [com.netapp.wfa.ldap.LdapLoginModule] (http-0.0.0.0-80-24) Failed to find user 'itsfe' using LDAP servers:

* ldap://swatchgroup.net:389 - [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903AA, comment: AcceptSecurityContext error, data 525, v1772�]

com.netapp.wfa.ldap.LdapException: Failed to find user 'itsfe' using LDAP servers:

it works fine via

User Name Attribute userPrincipalName

2013-04-07 13:57:28,496 CEST INFO [com.netapp.wfa.ldap.LdapLoginModule] (http-0.0.0.0-80-10) Looking up user 'itsfe@swatchgroup.net' in LDAP servers

2013-04-07 13:57:28,527 CEST INFO [com.netapp.wfa.ldap.LdapWrapper] (http-0.0.0.0-80-10) Looking up user 'itsfe@swatchgroup.net' using 'userPrincipalName' attribute

2013-04-07 13:57:28,543 CEST INFO [com.netapp.wfa.ldap.LdapLoginModule] (http-0.0.0.0-80-10) Discovering roles of user 'itsfe@swatchgroup.net'

2013-04-07 13:57:28,558 CEST INFO [com.netapp.wfa.ldap.LdapLoginModule] (http-0.0.0.0-80-10) User 'itsfe@swatchgroup.net' was authenticated successfully and is assigned the role of 'Admin' (EJB roles are [architect, admin, guest, operator])

Help appreciate

francois

shaoulov · ‎2013-04-07

Hi Francois,

I think domain name should be part of user name in this case:

format: <domain>\<user>, e.g. netapp\usr

Please try.

Regards

Anatoly

RAVI_PALADUGU · ‎2013-04-07

Is it problem with PGP universal serer?