We’ve been unsuccessful connecting our LDAP to CM1. One example of what we’ve placed into our ldapserver.xml is:
192.168.99.10
389
CM 1 LDAP Query
somepassword
deep
cn
mail
OU=Special Accounts,DC=crt,DC=state,DC=la,DC=us
false
In CM1, when we attempt to search for Active Directory usernames in Workflow, we get a blank screen. The server log then reports the following error:
2013-09-11 15:11:39,072 ERROR [com.percussion.services.security.impl.PSRoleMgr] Error finding users: An unknown naming exception was caught. The error message was: [LDAP: error code 32 - 0000208D: NameErr: DSID-031001CD, problem 2001 (NO_OBJECT), data 0, best match of:
‘DC=crt,DC=state,DC=la,DC=us’
]
Another attempt was made using the ‘shallow’ catalog method:
192.168.99.10
389 CN=CM%201%20LDAP%20Query,DC=crt,DC=state,DC=la,DC=us
somepassword
shallow
cn
mail
OU=Special%20Accounts,OU=IS,OU=OMF,OU=CRT%20Users,DC=crt,DC=state,DC=la,DC=us
false
And that produced the following error:
2013-09-11 15:49:57,305 ERROR [com.percussion.services.security.impl.PSRoleMgr] Error finding users: An unknown naming exception was caught. The error message was: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece]
I’ve tried variations where I replaced the host with hostname, ldap:\hostname. I’ve also tried variations on the user naming convention, as shown here http://help.percussion.com/admin-topi…, with no luck. I’ve also tried with and without the ‘%20’ as explained here https://community.percussion.com/t/ldap-issue/559 with no luck. I’ve also tried variations of objectAttributeName with ‘cn’ and ‘samaccountname’ with their corresponding usernames with no luck. So, I’m out of luck.
Can anyone see what I can’t?