LDAP Issue

paul · May 24, 2013, 6:02pm

We’ve got Percussion 2.8 up and running in production that connects to Active Directory / LDAP correctly.

I just downloaded 3.0 and did a new install on a separate development server. I’ve configured ldap.xml file exactly the same way it is setup in production, but the import Acitive Directory users icon is not activated on CM1 3.0 server. I checked the console.log file and it’s not generating any errors as far as I can tell. When I first setup the ldap.xml file I put the password in it, and restarted the server.

Any thoughts? Thanks.

here’s my ldap.xml file. I changed some of my host, CN and OU below for security reasons in this post.

<?xml version="1.0" encoding="UTF-8"?>   
 
<ldapconfig> <br><br>
        <ldapserver> <br><br>
               <host>myHost</host> <br><br>
               <port>389</port> <br><br>
               <user>CN=Percussion LDAP,OU=Security Accounts,OU=Central Office,OU=Other Sites,OU=myOU,DC=myDC,DC=myDC2,DC=sc,DC=us </user> <br><br>
               <password></password> <br><br>
               <catalog>deep</catalog> <br><br>
               <objectattributename>samaccountname</objectattributename> <br><br>
               <emailattributename>emailaddress</emailattributename> <br><br>
               <organizationalunit>OU=myOU,DC=myDC,DC=myDC2,DC=sc,DC=us</organizationalunit> <br><br>
         </ldapserver> <br><br> </ldapconfig>

Nathaniel · May 24, 2013, 6:33pm

Hi Paul,

First, I want to confirm that your password is being stripped from that config file when you start CM1, is that correct? This will confirm that CM1 is indeed picking up that configuration block. Also, note that whenever you edit that file, you’ll want to put the password back into that field.

While I understand that these are example CNs and OUs, you’ll want to ensure that all blank spaces in your LDAP URLs are replaced with encoded spaces, %20 , e.g.:

<user>CN=Percussion%20LDAP,OU=Security%20Accounts,OU=Central%20Office,OU=Other Sites,OU=myOU,DC=myDC,DC=myDC2,DC=sc,DC=us</user>

Lastly, in your server.log file, which is located in your {cm1_root}\AppServer\server\rx\log directory, look for the most recent iteration of this message:

[PSServerConfigUpdater] Loading LDAP configuration…

Check and see if any errors or exceptions appear after this message. Please let me know if you see anything.

paul · May 24, 2013, 7:44pm

actually, I just realized what it was. I had accidentally named it ldap.xml. Supposed to be ldapserver.xml. Thanks though, as your comment about it not stripping out the password lead me to this realization. thanks!

Nathaniel · May 24, 2013, 8:27pm

Ah, I spotted that, but I thought it might just be a typo / intentional abbreviation. That was part of the reason why I mentioned how the PW gets stripped if your configuration get’s picked up by CM1, though, so I’m glad you were able to take that and run with it. Enjoy your weekend!

Nate_Chadwick · June 1, 2018, 5:34pm