ldap

How to use client certificates in Apache httpd to connect to an LDAP for authorization?

I have a site that is using x509 client certificates (2 way SSL) to authenticate users and an LDAP directory that contains authorization information. I would like to use one of the certificate attributes to query the directory ( SSL_CLIENT_S_DN_CN to be exact ). I see how to use mod_ssl to use the user's client certificates for authenti...

How do I add custom properties to an AD group in Windows?

I'd like to know how to script this. Also, is there an out of the box GUI tool that will let me do this? ...

Different spring XML files for development environment vs. deployment when using maven

Summary We have a central LDAP server that our deployed Java web app should connect to. Our JUnit tests depend on specific data in the LDAP repository, so they need to connect to an embedded ApacheDS LDAP server, primed with a sample data set. How do we make sure that the ApacheDS server doesn't start up when we deploy our webapp? De...

Check LDAP connection (Java)

I'm using javax naming to connect to an LDAP database. Is there a good way to check if a connection is still valid? I'm looking for something really efficient here because it may need to be done often. After some web searching all I have found is a suggestion to do a quick search, is there any more lightweight way? /mac ...

ejabberd - LDAP authentication

Hi I'm trying to configure an ejabberd installation, using LDAP authentication, but I just can't login, even with the admin user. This is part of my ejabberd.cfg file: %... {auth_method, ldap}. {ldap_servers, ["server2000.tek2000.local"]}. {ldap_port,389}. {ldap_uidattr, "uid"}. {ldap_base, "dc=server2000,dc=tek2000,dc=com"}. {ldap_roo...

what is LDAP used for

I know that LDAP is used to provide some information and to help for example the authorization. But what are the other usages of LDAP? Thank you very much. ...

Can I use two Kerberos Keytabs from a single host?

My application enables defining several LDAP servers to work with. One might want to define Kerberos access to more than one LDAP server. Can it be done? Can a single host juggle between Active Directory servers with Kerberos as the connection method? ...

How do I make a complex query with Perl's Net::LDAP?

Hi. I'm having trouble running a complex query against our company LDAP server. I'm using the following Perl script: use Data::Dumper; use Net::LDAP; die "Can't connect to LDAP-Server: $@\n" unless $ldap = Net::LDAP->new( 'xLDAPx' ); foreach my $filter ( 'ou=Personal', 'ou=BAR', 'ou=Personal,ou=BAR', 'ou=Personal,ou=FOO,o=FOO,d...

Apache Backup LDAP Repository with mod_ldap

I am currently using an Apache front end for my Subversion repository, in order to do LDAP authentication. My setup is fairly vanilla, however I would like to be able to specify a "backup" LDAP URL, in case the primary one is down. I can't currently see a way to do this other than use a second location, or virtual host that points at th...

Configuring Tomcat to authenticate using Windows Active Directory

What is the best way to configure Tomcat 5.5 or later to authenticate users from Windows Active Directory? ...

Unable to turn on SecureSocketLayer with DirectoryServices.Protocols.LdapConnection

I am trying to fix a bug with SSL in a product and noticed that although the code sets SSL to be true, in the next line in the code SSL is still at false. I wrote a unit test for this and the unit test confirms my suspicions. [TestMethod] public void SecureSocketLayerSetToTrue( ) { var ldapConnection = new LdapConnection( ...

Finding out if LDAP user in Sun Directory Server 5.2 is locked out, in Java

I'm developing an application using Java, Tomcat, Spring Framework and Spring LDAP 1.2.1 for LDAP access. According to our LDAP administrator, it is not possible to find out programmatically, if a specific user is locked out in the directory - the user is just not returned. This makes life difficult for me, as I need to identify locked ...

VBScript LDAP: Is there a way to query for physicalDeliveryOfficeName using the email address in Active Directory?

I'm attempting to utilize VBScript to connect and pull the physicalDeliveryOfficeName attribute in Active Directory by providing the email address. I know how to do it with a common name like the following: Set MyUser = GetObject ("LDAP://cn=" & uname & ",ou=" & strname & ",DC=bobdom,DC=net") However only the email address is available...

LDAP & Active Directory results missing fields for some results

When querying with LDAP against our Active Directory structure to look up user accounts, some records (but not all) are missing certain key fields, specifically memberOf and userAccountControl (which has a bit flag that indicates whether the account is disabled or not). Here's a few refining details: If the query is set to filter on a...

Setting up SSL in Active Directory how-to

I need to set up SSL over Active Directory. I googled a lot but could not find a decent write-up about how to do this. Please if you know some good resources about this let me know. Thanks! ...

In Websphere 6.x LDAP query using LdapContext is the transmission of credentials encrypted?

In Websphere when you do an LDAP query using LdapContext is the transmission of credentials encrypted? LdapContext ctx = new InitialLdapContext (env, null); Let's say I make an LdapContext for a web app to do some custom LDAP calls. How do I know if my call is secure / encrypted? ...

How can I query users with an expired password in Active Directory?

I need to query Active Directory for a list of users whose password is about to expire. The obvious (and easy) way to do this is with: dsquery user -stalepwd n The problem is that I need to add additional filters to only look for users who are in certain security groups. This is hard to do with the "dsquery user" syntax that has the...

Novell Error 81 connection

We have tried to connect to a remote Novell server from our offices. First, we had to open the firewall port to connect to the server, otherwise we were getting error 91 (which basically tells that the server cannot be joined). Second, we used a tool called LDAP Browser to test the connection. We get the error 81 "can't contact LDAP s...

LDAP socket keep-alive

We are using OpenLDAP client library to connect to an LDAP server. The problem is that if there is no activity for some time, server (or firewall in the middle) drops TCP connection. Our current implementation of "keep-alive" just does search for baseDN from time to time - any better ideas? ...

LDAP: why would the following use of DirectoryEntry return no members for a large global security group?

The following code works for 90+ % of global security groups, but for one very large global security group, it returns an enumerator, but no member objects of the group, even though the group has many thousands. DirectoryEntry group = groupResult.GetDirectoryEntry(); filter = "member;range=0-20"; group.RefreshCache(new[] { filter }); Pr...