users@glassfish.java.net

Problem creating edirectory LDAP Realm with multiple organization units

From: <forums_at_java.net>
Date: Mon, 26 Sep 2011 10:53:16 -0500 (CDT)

Normal 0 false false false MicrosoftInternetExplorer4 /* Style Definitions */
table.MsoNormalTable {mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes;
mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin:0in; mso-para-margin-bottom:.0001pt;
mso-pagination:widow-orphan; font-size:10.0pt; font-family:"Times New Roman";
mso-ansi-language:#0400; mso-fareast-language:#0400;
mso-bidi-language:#0400;}

I am trying to create a new LDAP Realm (*Novell edirectory*) but am having a
problem because the users are not contained in a single organization unit. 
For example, the organization is called *XYZ* and consists of 2 organization
units: *Branch1* and *Branch2*.

If I set up the LDAP realm configuration with only one of the organization
units as follows, I am able to login as a user:

JAAS Context: *ldapRealm*

Directory:* ldap://ldap server:389*

Base DN: *ou=Branch1,o=XYZ*

I tried setting Base DN to *ou=Branch1,ou=Branch2,o=XYZ* but when I try to
login as a user, I am sent to the error page, indicating that the credentials
are seen as invalid and the authentication is not successful.  I also tried
setting Base DN to just *o=XYZ* thinking this would force it to search both
branches but it searches only one.  When I attempt to log in as a user from
the other branch, an error message is received indicating that the user is
not found:  SEVERE: SEC1113: Exception in LdapRealm when trying to
authenticate user.  javax.security.auth.login.LoginException:
javax.security.auth.login.LoginException: User/ xxxx/ not found.

What should I enter as the Base DN when there are 2 branches of the tree
should be searched and are there other properties that need to be set besides
those indicated above?

Thanks.


--
[Message sent by forum member 'raylen1024']
View Post: http://forums.java.net/node/847247