It's all about the answers!

Ask a question

LDAPLocalGroup configuration problem

Francis Kemp (7212438) | asked Mar 16 '12, 3:11 p.m.
Been trying for a day or so and can't get the configuration of this quite right. We are using Jazz V3012.

Here is the situation:

I configured LDAP without a problem, then went through the steps to implement the LDAPLocalGroup realm. After figuring out that I needed to add authentication to the LocalMappingJNDIRealm, I thought I was finished. Then I got this error when I tried to login:

SEVERE: Exception performing authentication

javax.naming.PartialResultException: [LDAP: error code 10 - 0000202B: RefErr: DS ID-03100768, data 0, 1 access points
ref 1: 'x x x'
]; remaining name 'ou=people,dc=x x x'
.... stack trace info ....

After some research and looking at the original JNDIRealm I added the 'referrals = follow' param to the LocalMappingJNDIRealm. Now I'm getting this error:

SEVERE: Exception performing authentication

javax.naming.CommunicationException: x x x:389 [Root exception is x x x]
.... stack trace info ....

Adding 'referrals=follow' produced a different error, but I'm not sure it's a step in the right direction. Am I supposed to substitute something for 'dc=x x x' in LocalMappingJNDIRealm?

2 more questions:
In section 7 of the instructions, the Note states that "These configuration properties are different from the ones for LDAP user registry provider." Not sure what this means - what am I supposed to put in the registry location, base user DN and user attribute info if not the same data for the user registry?

In section 1, is the roleSearch parameter really memberNotAvailablexxx?

Thanks for any help you can provide. I'm pretty certain I'm making a dumb mistake somewhere....

PS Everything that reads 'x x x' in my post should read 'xxx'. For some reason xxx becomes a '*' in the post.


Jia Jia Li commented Mar 18 '12, 11:34 a.m. | edited Feb 03 '17, 7:05 a.m.

Can you share your config snapshot so that we can more clear with your problem to sovle

Be the first one to answer this question!

Register or to post your answer.