Ask Question
« General Questions on Nuxeo

Nuxeo with Active Directory server not authenticating.

Nuxeo with open ldap worked fine having accounts at say for example ou=people,dc=united,dc=com and users under that. We tried to switch to Active Directory now where the accounts are at u=users,ou=united,ou=Customers,dc=cust,dc=jeppsvc,dc=com by modifying the ldap-users xml configuration as follows. Authentication is not working any more.

Putting only relevant content from the ldap-users xml file.

  <creationClass>top</creationClass>
  <creationClass>person</creationClass>
  <creationClass>organizationalPerson</creationClass>
  <creationClass>inetOrgPerson</creationClass>
  <creationClass>user</creationClass>

  <rdnAttribute>uid</rdnAttribute>
  <fieldMapping name="username">uid</fieldMapping>
  <fieldMapping name="password">userPassword</fieldMapping>
  <fieldMapping name="firstName">givenName</fieldMapping>
  <fieldMapping name="lastName">sn</fieldMapping>
  <fieldMapping name="company">o</fieldMapping>
  <fieldMapping name="email">mail</fieldMapping>

Is there anything missing that is needed for nuxeo to work with Active Directory Server ?

smalis
Member (162)   1   1   3 		03/30/2012 ( History)
0 votes
2 answers
2084 views
ANSWER
smalis

The ldif snippet is here

dn: CN=John Doe,OU=users,OU=united,OU=Customers,DC=cust,DC=jeppsvc,DC=com
changetype: add
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
objectClass: inetOrgPerson
cn: John Doe
sn: Doe
o: United Airlines
givenName: John
distinguishedName: 
 CN=John Doe,OU=users,OU=united,OU=Customers,DC=cust,DC=jeppsvc,DC=com
instanceType: 4
whenCreated: 20120330173209.0Z
whenChanged: 20120330174747.0Z
displayName: John Doe
uSNCreated: 2082020
uSNChanged: 2082127
name: John Doe
objectGUID:: uMlpRneR/USvZn5TcgH1Ag==
userAccountControl: 512
codePage: 0
countryCode: 0
pwdLastSet: 129776025696024307
primaryGroupID: 513
objectSid:: AQUAAAAAAAUVAAAAwNHPxwm+X+uAmn19TwYAAA==
accountExpires: 9223372036854775807
sAMAccountName: jdoe
sAMAccountType: 805306368
userPrincipalName: jdoe@united.com
objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=jeppsvc,DC=com
dSCorePropagationData: 16010101000000.0Z
lastLogonTimestamp: 129776032053529947
uid: jdoe@united.com
03/30/2012
ANSWERS

Added bindDn and bindPassword and it all works now. Thanks

smalis
Member (162)   1   1   3 		04/03/2012 ( History)
0 votes

Have you turned on debug and looked in the server log?

Not included in above but are you sure that your bindDn and bindPassword are working for the specified ldapUrl? Should see this in the log.

bruce Grant
Member (7.6K)   2   7   6 		04/01/2012 ( History)
0 votes
bruce Grant
No problem - changed the comment to an answer since it was bindDn and and bindPassword.
04/03/2012
Follow
Tags
Linked Questions
Related Questions
configure the connexion to the LDAP to get the group
Nuxeo LDAP groups not loading
LDAP : users et groupes
LDAP, OpenDS integeration to Nuxeo?
Unable to create users or Groups in Nuxeo when connected to Active Directory
LDAP : la recherche (*) ne trouve que 200 utilisateurs
Unable to grant access right to Active Directory Group
LDAP : impossible de voir les groupes
LDAP Authentication with MS Active Directory and Groups.