[Users] Testing LDAP support.

Itamar Heim iheim at redhat.com
Tue Apr 10 07:55:25 UTC 2012


On 04/10/2012 04:51 AM, Sharad Mishra wrote:
> On Mon, 2012-04-09 at 12:38 -0700, Sharad Mishra wrote:
>> On Mon, 2012-04-09 at 14:10 -0400, Oved Ourfalli wrote:
>>>>>
>>>>>   When a call is made to construct InitialDirContext with following
>>>>> settings -
>>>>>
>>>>>   {java.naming.provider.url=ldap://ldapserver.ibm.com:389,
>>>>>   java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory,
>>>>> java.naming.security.principal=uid=1234567,c=us,ou=ldapserver,o=ibm.com,
>>>>>   java.naming.security.authentication=DIGEST-MD5 GSSAPI,
>>>>>   java.naming.security.credentials=password,
>>>>>   java.naming.referral=follow,
>>>>>   java.naming.ldap.attributes.binary=objectGUID}
>>>>>
>>>
>>> Can you also attach the jboss log and engine log? (assuming you are testing it in the ovirt-engine environment).
>>> They can be helpful, as it might be related to some class loading issue or something similar, and the log might shed light on that.
>>>
>>
> I think its my setup that is the issue here. I am unable to run
> ldapsearch CLI with DIGEST-MD5 protocol. I am not sure how to setup/use
> secret key with sasl. I am running my queries against a production ldap
> server on which I have user access. I tried to look around on internet
> but did not get a good hit.

have you tried the kebreros based authentication with it?
I see it is supposed to have it:
http://publib.boulder.ibm.com/infocenter/lnxinfo/v3r0m0/index.jsp?topic=%2Fliaai%2Fkerberos%2Fliaaikerberos1.htm



More information about the Users mailing list