Can someone out there please help me to configure Hyperic to accept logins via AD authentication. I have copied the configuration from our Liferay portal implementation where it works okay.
The configuration I have in place looks like this:
Use LDAP Authentication: Yes
URL: ldaps://****************
SSL: Yes
Username: cn=********,ou=******
Password: ********
Search Base: OU=****,OU=***,DC=****,DC=******,DC=**********,DC=***
Search Filter:
Login Property: cn
It seems to get to AD okay as if I enter a valid userid with a bad password I get the message:
2007-03-19 11:03:10,446 INFO [com.hyperic.hq.auth.server.LdapLoginModule] Failed to validate
password: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment:
AcceptSecurityContext error, data 52e, vece]
in the Hyperic log file. However when I then enter the correct password I get the message:
2007-03-19 11:03:10,062 INFO [STDOUT] username from shared state is null
It looks like the mapping from the AD username to the Hyperic username is not working. So I assume that I have the "Login Property" wrong but cannot see what it should be. In Liferay I have this coded as "(cn=@user_id@)" so I know that "cn" is the correct AD field.
Thanks . . . Murray
Message was edited by: murray.baker
The configuration I have in place looks like this:
Use LDAP Authentication: Yes
URL: ldaps://****************
SSL: Yes
Username: cn=********,ou=******
Password: ********
Search Base: OU=****,OU=***,DC=****,DC=******,DC=**********,DC=***
Search Filter:
Login Property: cn
It seems to get to AD okay as if I enter a valid userid with a bad password I get the message:
2007-03-19 11:03:10,446 INFO [com.hyperic.hq.auth.server.LdapLoginModule] Failed to validate
password: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment:
AcceptSecurityContext error, data 52e, vece]
in the Hyperic log file. However when I then enter the correct password I get the message:
2007-03-19 11:03:10,062 INFO [STDOUT] username from shared state is null
It looks like the mapping from the AD username to the Hyperic username is not working. So I assume that I have the "Login Property" wrong but cannot see what it should be. In Liferay I have this coded as "(cn=@user_id@)" so I know that "cn" is the correct AD field.
Thanks . . . Murray
Message was edited by: murray.baker