Search Results

Search found 29935 results on 1198 pages for 'open ldap'.

Page 6/1198 | < Previous Page | 2 3 4 5 6 7 8 9 10 11 12 13  | Next Page >

  • LDAP RBAC model

    - by typo
    Hi does anybody can tell me about best practice to model RBAC on LDAP ? I'm very confused, not sure if I should think about LDAP groups as role, or just user in some custom OU. Any real-life examples with tasks-operations\roles\user scheme (one user, multiple roles per user, multiple operations-tasks per role) ? BTW:Target systems are .net, java and iSeries

    Read the article

  • PAM / LDAP authentication with Ubuntu 10.04

    - by t6d
    I can't wrap my brain around the new pam.d configuration syntax used in Ubuntu 10.04. How do I setup PAM so that it allows users stored in my LDAP database to login. I already configured nscd, so id <user> or getent passwd are already listing my LDAP users, but PAM doesn't work, whether the normal shell login nor su.

    Read the article

  • How do I make a LDAP query-based dynamic distribution group in Exchange 2010

    - by blsub6
    I see that there were ways in Exchange 2003 and Exchange 2007 to just put in an LDAP query and it would populate the group for you. Is there any way to do that in Exchange 2010? I know there's dynamic distribution groups but I don't want to create the group based on one of their pre-set queries and I don't want to mess around with "custom attributes". I just want to put an LDAP query in there and make it run it to populate the distribution group.

    Read the article

  • LDAP + NFS + automount home directories permissions issue

    - by noobishguy
    When an LDAP user logs into the system they have incorrect permissions to their home directory. LDAP and NFS services exist on the same server. The directory shows the correct ownership / permissions: drwx------. 4 ldaptest ldaptest 4096 Jun 9 2014 ldaptest however the UID / GID do not match those on the server client: bash-4.1$ id uid=10001(ldaptest) gid=10001(ldaptest) groups=10001(ldaptest) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 server: [root@ldap1 log]# id ldaptest uid=502(ldaptest) gid=502(ldaptest) groups=502(ldaptest) How do I resolve this?

    Read the article

  • Override LDAP shell

    - by Incredible
    I have a LDAP server and a predefined shell (bash) set in it. But there are some machine on which I want a different shell to be used whenever user login to that instead of the shell stored in LDAP. How can I do this?? Can someone give me some direction in this? Thank you

    Read the article

  • LDAP hangs for 10-15 minutes if user put wrong credentials

    - by danny
    Hi: I am using a windows 2003 server .I am using LDAP to allow my wireless clients connect to the network. I can connect fine to the network. But whenever I enter a wrong credential my LDAP server freezes and no new clients can log in to the wireless network for 10 -15 minutes. i am using a cisco wlc and its doing web-authentication.

    Read the article

  • Alternative to Softerra's LDAP Administrator?

    - by Michael Mao
    I am looking for an alternative to Softerra's LDAP Administrator, simply for the price is over-budget for a small team to test the LDAP credentials. So I really appreciate if someone can point me to some other alternatives for a Windows-based environment. We've got our Active Directory setup already, I only need a tool to confirm the access as a proof to customers. Sorry I am not a security guru, I am quite the opposite... Thanks for any suggestion in advance!

    Read the article

  • LDAP Authentication fails with 500 or 401 depending on bind for Apache2

    - by Erik
    I'm setting up LDAP authentication for our Subversion repository hosted through Apache on a RHEL 5 system. I run into two different issues when I try to authenticate against Active Directory. <Location /svn/> Dav svn SvnParentPath /srv/subversion SVNListParentPath On AuthType Basic AuthName "Subversion Repository" AuthBasicProvider ldap AuthLDAPBindDN "cn=userfoo,ou=Service Accounts,ou=User Accounts,dc=my,dc=example,dc=com" AuthLDAPBindPassword "mypass" AuthLDAPUrl "ldap://my.example.com:389/ou=User Accounts,dc=my,dc=example,dc=com?sAMAccountName?sub?(objectClass=user)" NONE Require valid-user </Location> If I use the above configuration it continually prompts me with the Basic prompt and I have to eventually select Cancel, which returns a 401 (Authorization Required). If I comment out the bind parts it returns 500 (Internal Server Error), griping that authentication failed: [Mon Nov 02 12:00:00 2009] [warn] [client x.x.x.x] [10744] auth_ldap authenticate: user myuser authentication failed; URI /svn [ldap_search_ext_s() for user failed][Operations error] When I perform the bind using ldapsearch and filter for a simple attribute it returns correctly: ldapsearch -h my.example.com -p 389 -D "cn=userfoo,ou=Service Accounts,ou=User Accounts,dc=my,dc=example,dc=com" -b "ou=User Accounts,dc=my,dc=example,dc=com" -w - "&(objectClass=user)(cn=myuser)" sAMAccountName Unfortunately I have no control or insight into the AD part of the system, only the RHEL server. Does anyone know what the hang up is here?

    Read the article

  • Apache showing 500 error during Active Directory LDAP authentication

    - by Tyllyn
    I have Apache (on Windows Server) set up to authenticate one directory through Active Directory. Config settings are as follows: <LocationMatch "/trac/[^/]+/login"> Order deny,allow Allow from all AuthBasicProvider ldap AuthzLDAPAuthoritative Off AuthLDAPURL ldap://<ip-redacted>:3268/cn=Users,OU=MyBusiness,DC=<dc-redacted>,DC=local?sAMAccountName?sub?(objectClass=*) AuthLDAPBindDN trac@<dc-redacted>.local AuthLDAPBindPassword "<password-redacted>" AuthType Basic AuthName "Protected" require valid-user </LocationMatch> Watching, Wireshark, I see the following get sent through when I visit the page: To the AD server: bindRequest(1) "trac@<dc-redacted>.local" simple And from the AD server: bindResponse(1) success I'm assuming this means that the auth was successful... but Apache doesn't think so. It returns a 500 server to me. Apache logs show the following: [Thu Nov 18 16:21:12 2010] [debug] mod_authnz_ldap.c(379): [client 192.168.x.x] [7352] auth_ldap authenticate: using URL ldap://<ip-redacted>:3268/cn=Users,OU=MyBusiness,DC=<dc-redacted>,DC=local?sAMAccountName?sub?(objectClass=*), referer: http://192.168.x.x/trac/Trac/login [Thu Nov 18 16:21:12 2010] [info] [client 192.168.x.x] [7352] auth_ldap authenticate: user authentication failed; URI /trac/Trac/login [ldap_search_ext_s() for user failed][Filter Error], referer: http://192.168.x.x/trac/Trac/login Now, that log file shows a failed auth for a blank user. I am confused. Any idea what I am doing wrong... and how I can get the Apache authentication working? :) Thanks!

    Read the article

  • Limit access on Apache 2.4 to ldap group

    - by jakobbg
    I've upgraded from Ubuntu 12.04 LTS to 14.04 LTS, and suddenly, my Apache 2.4 (previous: Apache 2.2) now lets everybody in to my virtual host, which is unfortunate :-). What am I doing wrong? Anything with the Order/Allow lines? Any help is greatly appreciated! Here's my current config; <VirtualHost *:443> DavLockDB /etc/apache2/var/DavLock ServerAdmin [email protected] ServerName foo.mydomain.com DocumentRoot /srv/www/foo Include ssl-vhosts.conf <Directory /srv/www/foo> Order allow,deny Allow from all Dav On Options FollowSymLinks Indexes AllowOverride None AuthBasicProvider ldap AuthType Basic AuthName "Domain foo" AuthLDAPURL "ldap://localhost:389/dc=mydomain,dc=com?uid" NONE AuthLDAPBindDN "cn=searchUser, dc=mydomain, dc=com" AuthLDAPBindPassword "ThisIsThePwd" require ldap-group cn=users,dc=mydomain,dc=com <FilesMatch '^\.[Dd][Ss]_[Ss]'> Order allow,deny Deny from all </FilesMatch> <FilesMatch '\.[Dd][Bb]'> Order allow,deny Deny from all </FilesMatch> </Directory> ErrorLog /var/log/apache2/error-foo.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog /var/log/apache2/access-foo.log combined </VirtualHost>

    Read the article

  • version of ldap installed - one liner

    - by PJ
    HI, I am using LDAP which is installed in a solaris machine. To check the version of LDAP i go to /ldap and check the version installed as if it is version 5 then there is a directory of the name v5.0 and so on. After getting into the directory i check the directory structure. Can anybody tell me is there any shortest way or one liner to check the version of ldap installed in my machine. Thanks in advance.

    Read the article

  • Is it possible to have a local group for an LDAP user

    - by fakedrake
    I have an LDAP server to which i do not have full privileges and an ubuntu system with LDAP authentication to which i am root. Is it possible to add an LDAP user to a local group? (i dont know if i phrase this correctly but all i want is to have a user in LDAP in a group without edititing the actual database)

    Read the article

  • LDAP user data caching on local database

    - by Eduardo
    I am integrating LDAP authentication in my web enterprise application. I would like to show listing of people name and email. Instead of querying the LDAP server for the name and email each time a listing containing several users I thought about caching the data locally in the database. Do you guys know about caching LDAP data best practices? Should I cache LDAP user data? When should I insert and refresh the data?

    Read the article

  • How to change ldap password using zend

    - by NAVEED
    I am working with zend framework, PHP , Ldap on Ubuntu. I am authenticating users from ldap using zend library. Now I want to change user's ldap passwords using zend. Any Idea? This is the method that I am using to get zend authentication adapter. It is working perfectly and users are authenticated using this adapter. public function getAuthAdapter(array $params) { $front = Zend_Controller_Front::getInstance(); $options = $front->getParam('bootstrap')->getOption('ldap'); $params['username'] = split( "@" , $params['username'] ); $username = 'cn=' . $params['username'][0] . ',' . $options['server1']['baseDn']; $adapter = new Zend_Auth_Adapter_Ldap( $options, $username, $params['password']); $adapter->setIdentity( $params['username'] ); $adapter->setCredential( $params['password'] ); return $adapter; } Now how to change ldap passwords? Thanks

    Read the article

  • Program occasionally stuck when writing to ldap

    - by djerry
    hey guys, I have 2 databases for my program : mysql and ldap. All transactions happen to mysql, but i need ldap to connect to ip-phones. There's an option to synchronise the ldap database. So when the ldap is brand new, and mysql contains like 200+ records, it may want to update. But when inserting all those entries, it "freezes". It never happens at the same record, it's very random. Sometimes after 70 records, sometimes at 200 the program quits inserting, and gets stuck. This is very annoying. My best guess is that ldap can't handle that much inserts in a short time. Code isn't the problem, as it is a random problem. Does this seem familiar to somebody or is it just me? Thanks in advance.

    Read the article

  • Ldap invalid credentials not loading authentication failure url

    - by Murari
    Able to do the custom ldap authentication for external db authorities. But when i am trying to test wrong password the authentication failure url is not showing instead my browser prints the exception details.Below is my securitycontext.xml and exption given <http auto-config="false" access-decision-manager-ref="accessDecisionManager" access-denied-page="/accessDenied.jsp"> <!-- Restrict access to ALL other pages --> <intercept-url pattern="/index.jsp" filters="none" /> <!-- Don't set any role restrictions on login.jsp --> <intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY" /> <intercept-url pattern="/service/**" access="PRIV_Report User, PRIV_305" /> <logout logout-success-url="/index.jsp" /> <form-login authentication-failure-url="/index.jsp?error=1" default-target-url="/home.jsp" /> <anonymous/> </http> <b:bean id="accessDecisionManager" class="org.springframework.security.vote.AffirmativeBased"> <b:property name="decisionVoters"> <b:list> <b:ref bean="roleVoter" /> <b:ref bean="authenticatedVoter" /> </b:list> </b:property> </b:bean> <b:bean id="roleVoter" class="org.springframework.security.vote.RoleVoter"> <b:property name="rolePrefix" value="PRIV_" /> </b:bean> <b:bean id="authenticatedVoter" class="org.springframework.security.vote.AuthenticatedVoter"> </b:bean> <b:bean id="contextSource" class="org.springframework.security.ldap.DefaultSpringSecurityContextSource"> <b:constructor-arg value="ldap://mydomain:389" /> </b:bean> <b:bean id="ldapTemplate" class="org.springframework.ldap.core.LdapTemplate"> <b:constructor-arg ref="contextSource" /> </b:bean> <b:bean id="ldapAuthenticationProvider" class="com.zo.sas.gwt.security.login.server.SASLdapAuthenticationProvider"> <b:property name="authenticator" ref="ldapAuthenticator" /> <custom-authentication-provider /> </b:bean> <b:bean id="ldapAuthenticator" class="com.zo.sas.gwt.security.login.server.SASAuthenticator"> <b:property name="contextSource" ref="contextSource" /> <b:property name="userDnPatterns"> <b:value>uid={0},OU=People</b:value> </b:property> </b:bean> and my exception logs..... org.springframework.ldap.AuthenticationException: [LDAP: error code 49 - Invalid Credentials]; nested exception is javax.naming.AuthenticationException: [LDAP: error code 49 - Invalid Credentials] org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:180) org.springframework.ldap.core.support.AbstractContextSource.createContext(AbstractContextSource.java:266) org.springframework.ldap.core.support.AbstractContextSource.getContext(AbstractContextSource.java:106) com.zo.sas.gwt.security.login.server.SASAuthenticator.authenticate(SASAuthenticator.java:55) com.zo.sas.gwt.security.login.server.SASLdapAuthenticationProvider.authenticate(SASLdapAuthenticationProvider.java:45) org.springframework.security.providers.ProviderManager.doAuthentication(ProviderManager.java:188) org.springframework.security.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:46) org.springframework.security.ui.webapp.AuthenticationProcessingFilter.attemptAuthentication(AuthenticationProcessingFilter.java:82) org.springframework.security.ui.AbstractProcessingFilter.doFilterHttp(AbstractProcessingFilter.java:258) org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) org.springframework.security.ui.logout.LogoutFilter.doFilterHttp(LogoutFilter.java:89) org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) org.springframework.security.context.HttpSessionContextIntegrationFilter.doFilterHttp(HttpSessionContextIntegrationFilter.java:235) org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) org.springframework.security.util.FilterChainProxy.doFilter(FilterChainProxy.java:175) org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:183) org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:138) This is my index.jsp <html> <script type="text/javascript" language="javascript"> var dictionary = { loginErr: "${SPRING_SECURITY_LAST_EXCEPTION.message}", error: "${param.error}" }; </script> <head> </head> <body > <iframe src="javascript:''" id="__gwt_historyFrame" style="width:0;height:0;border:0"></iframe> <script type="text/javascript" language="javascript" src="com.zo.sas.gwt.sasworkflow.home.Home.nocache.js"></script> </body> </html>

    Read the article

  • LDAP search filter for Active Directory

    - by Francesco De Vittori
    Hello, I'm trying to look for users inside Active Directory through a LDAP query. Basically I'm searching for the user in this way: Search DN: dc=mydomain, dc=com Filter: (sAMAccountName=USER) where USER is replaced with the provided username. Now if USER is only the username without domain (for ex. "Joe") this works fine. However I receive them in the form (domain\username, for ex. "myDomain\Joe") and obviously the search fails. I see two ways: using a regex inside the Search Filter to discard the domain using a completely different search filter I'm no LDAP expert and I don't even know if it's possible to use regular expressions inside the search filters. Does anyone know if it's possible and how? P.S. I cannot pre-process the username to strip the domain. This cannot be changed, as it's all part of a large system.

    Read the article

  • Web authentication using LDAP and Apache?

    - by Stephen R
    I am working on a project of setting up a web administered inventory database for my work (or if they don't want it then i'll enjoy learning about it) and hit the problem of allowing only authorized users to access the website (In its testing/development phase, I allow all people to navigate to the website to add entries to the database and query it). I am trying to make it so only particular users in the domain (Active Directory) are allowed to access the website after they are queried about their credentials. I read that Apache (I am using a LAMP server) has a means of asking visitors to the website to provide LDAP credentials in order to gain access to the site, but I wasn't sure if that was exactly what I was looking for. If anyone has experience in the LDAP configurations for Apache that I mentioned or any other means of securely authenticating with websites I would greatly appreciate advice or a direction to go Thank you!

    Read the article

  • Slow IE8 Start-up due to LDAP DNS queries

    - by MikeJ-UK
    Recently (in the last few days), my installation of IE8 has been taking 15 to 20 seconds to load my home page. Specifically, the sequence of events (as reported by WireShark) is:- Browser issues a DNS A query to resolve the home page server's IP address. Browser then spends the next 15-20 seconds broadcasting DNS SRV _LDAP._TCP queries, (roughly on a 2 second tick) to which it receives no answer (we have no LDAP servers). Browser re-issues the DNS A query and resolves the server's IP address again. Finally, the browser issues an HTTP GET for the home page. Does anyone know why this is happening? Possibly related to this question EDIT: @Massimo, LDAP query is :- Domain Name System (query) Transaction ID: 0x11c5 Flags: 0x0100 (Standard query) Questions: 1 Answer RRS: 0 Authority RRS: 0 Additional RRS: 0 Queries _LDAP._TCP: type SRV, class IN Name: _LDAP._TCP Type: SRV (Service location) Class: IN (0x0001)

    Read the article

  • LDAP :Failed to find add in mandatory or optional attribute list

    - by Manju Prabhu
    I am trying to import an ldif file which has following content- DN: cn=myUser,cn=Users,dc=us,dc=oracle,dc=com objectclass: top objectclass: person objectclass: organizationalPerson objectclass: inetorgperson objectclass: orcluser objectclass: orcluserV2 cn: myUser givenname: myUser mail: myUser orclsamaccountname: myUser sn: myUser uid: myUser userpassword:: somepassword dn: cn=Administrator,cn=Groups,dc=us,dc=oracle,dc=com objectclass: person changetype: modify add: uniquemember uniquemember: cn=myUser,cn=Users,dc=us,dc=oracle,dc=com When I do this, LDAP throws follwing error javax.naming.directory.SchemaViolationException: [LDAP: error code 65 - Failed to find add in mandatory or optional attribute list.]; remaining name 'cn=Administrator,cn=Groups,dc=us,dc=oracle,dc=com' The user gets imported, but it is not added to the group(Group exists). What am i missing ?

    Read the article

  • FTP in DMZ, TCP Ports for LDAP Auth

    - by sam
    szenario: (outside)---(ASA5510)---(inside) -Windows2008 DC .....................(dmz) ..........-Win2008 FTP Server Which Ports do I need to open from DMZ-Inside that FTP Users can authentificated on the Inside DC? I have allready opend 389 (Ldap), 636 (secure Ldap) and 53 (dns). But the ftp Client stucks allways after processing the credentials and the FTP Server gives you an eventlog "logon error". the error messages indicates that there could be an issue with closed ports. if I turn the ACL to "IP", that means all ports are open, everything is working fine.

    Read the article

  • Sharepoint 2010 and Samba LDAP groups

    - by Jon Rhoades
    The setup: Windows 2008 SP2 Sharepoint 2010 Foundation Samba 3 "Domain" I'm trying to use the Samba LDAP users & groups we already have to access to Sharepoint. I can successfully authenticate using the Samaba accounts (getting the "Error: Access Denied" message as the user has no permissions). So Sharepoint can clearly see and use the existing accounts/groups. What I can't do is be authorised as in the grant permissions interface, Sharepoint now fails to match the account (I get an "No Exact match found..."). Is there a way of getting the Sharepoint permissions interface to recognise and use our existing Samba LDAP accounts? I get it - don't use Samaba, use AD. If I had that option I would, but I don't.

    Read the article

  • Get LDAP Information For University Email. For Thunderbird

    - by Dhruvenkumar Shah
    I am a Student at Northeastern University. They use G-Apps for email ids, so whenever I need to email someone, using university Id which ends with husky.neu.edu. I have to go Gmails compose mail, They have some LDAP Setting by which I get all the email ids using AJAX in "To" as soon as I start typing. I want to configure same in Thunderbird, I contacted university but they are not able to help me. Is it possible that on my G-Apps Gmail Settings those LDAP Parameter needed for configuration are presents? Can anyone help me? I want to configure a directory reference in my email client thunderbird, I dont know the parameters to use, it is possible I can get it somehow?

    Read the article

  • Setting up SSL with 389 Directory Server for LDAP authentication

    - by GioMac
    I've got 389 Directory Server running on RHEL 5 with groups, users, posix etc. RHEL clients are authenticating users with LDAP - no problems, everything works perfect, but passwords are sent in plaintext and are visible with network sniffer. So, decided to run with SSL: Created CA - got both private and public CA certificates Using CA certs: generated both of private and public certificates and combined (1st file) for 389DS according to 389DS certificate request, imported with CA public cert to 389DS from graphical console (2nd file). Enabled SSL in 389DS On the client, using authconfig-gtk enabled SSL for LDAP, specified only CA public certificate Doesn't work. Howto? What is the best way to integrate safely?

    Read the article

< Previous Page | 2 3 4 5 6 7 8 9 10 11 12 13  | Next Page >