Announcement Announcement Module
Collapse
No announcement yet.
Active Directory problem Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Active Directory problem

    Hi all,

    I receive the following exception when connecting to an AD:

    Code:
    <Searching for user 'd9999084', with user search [ searchFilter: '(CN={0})', searchBase: 'CN=Users', scope: subtree, searchTimeLimit: 0, derefLinkFlag: false ]>
    <Got Ldap context on server 'ldap://x.y.z:389/dc=desa,dc=domain,dc=net'>
    <SecurityContextHolder now cleared, as request processing completed>
    org.springframework.ldap.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-03151EFD, problem 2001 (NO_OBJECT), data 0, best match of:
    	'DC=desa,DC=domain,DC=net'
    ]; remaining name 'CN=Users'
    These are the related beans:

    Code:
    	<bean id="contextSource" class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
    		<constructor-arg value="ldap://x.y.z:389/DC=desa,DC=domain,DC=net"/>
    	</bean>
    
    	<bean id="userDetailsService"
    		class="org.springframework.security.userdetails.ldap.LdapUserDetailsService">
    		<constructor-arg index="0">
    			<ref local="filterBasedLdapUserSearch" />
    		</constructor-arg>
    		<constructor-arg index="1">
    			<ref local="ldapGroupsPopulator" />
    		</constructor-arg>
    	</bean>
    	<bean id="filterBasedLdapUserSearch"
    		class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
    		<constructor-arg index="0">
    			<value>CN=Users</value>
    		</constructor-arg>
    		<constructor-arg index="1">
    			<value>(CN={0})</value>
    		</constructor-arg>
    		<constructor-arg index="2">
    			<ref bean="contextSource" />
    		</constructor-arg>
    		<property name="searchSubtree" value="true" />
    	</bean>
    	<bean id="ldapGroupsPopulator"
    		class="org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator">
    		<constructor-arg>
    			<ref bean="contextSource" />
    		</constructor-arg>
    		<constructor-arg>
    			<value>CN=Users</value>
    		</constructor-arg>
    		<property name="searchSubtree" value="true" />
    		<property name="groupRoleAttribute" value="CN" />
    		<property name="groupSearchFilter" value="(member={0})" />
    		<property name="rolePrefix" value="ROLE_" />
    	</bean>
    In the AD, this is the DN of the user as seen with an LDAP browser tool:

    Code:
    CN=d9999084,CN=Users,DC=desa,DC=domain,DC=net
    The base DN as returned by the server is:

    Code:
    DC=desa,DC=domain,DC=net
    I'm using Spring Security 2.0.4 and Spring LDAP 1.3.0

    Thanks in advance.
Working...
X