Skip to Content
avatar image
Former Member

Configuring LDAP in SUP 2.1 ebf #3

Hi,

Im trying to configure LDAP for SUP 2.1.3 but in server log i get :

2012-07-05 05:30:11.547 DEBUG Security Thread-311 [com.sybase.security.ldap.LDAPAttributer]No LDAP configuration available to this provider.

2012-07-05 05:30:11.547 DEBUG Security Thread-311 [com.sybase.security.ldap.LDAPConfig]looking for shared/authenticated configuration

I did the following configurations :

1- In Security node i chose "admin" then Authentication tab

2- Created new LDAPLoginModule

3- Checked ldaploginmodule and in General tab validate and applied

4- be able to see ldap provider log i set the security component as debug level.

Since i use sup 2.1.3 version i didn't change csi.properties and role-map.xml. What should i do more for server gets ldap configurations ?

Add comment
10|10000 characters needed characters exceeded

  • Follow
  • Get RSS Feed

4 Answers

  • Best Answer
    Jul 06, 2012 at 08:03 AM

    Hello Tahir,

    I just configured "admin" security settings in the following manner:

    I tested this configuration with SUP 2.1.3

    Kind regards,

    Vlad


    Add comment
    10|10000 characters needed characters exceeded

    • Hello Tahir,

      I have some points to add:

      1. Do you need the Authentication Filter property? It reduces the search result of the Default Search Base catalog. E.g. if you test the search of available roles in the system using Apache LDAP plugin will it return you a valid result?

      2. What roles do you have? If they are different than "SUP Administrator" etc, please map them in somewhere in the Security menu (probably in the Domain item). You should see a list of returned roles in dropdown lists.

      3. Check \SCC-3_2\log\agent.log and \SCC-3_2\log\gateway.log files when you try to login. They have an information if the login attempt was successfull.

      Kind regards,

      Vlad

  • avatar image
    Former Member
    Jul 09, 2012 at 08:24 AM

    Hello,

    Thank you for all of your answers. I actually made it work. I can see roles in the admin and mapped them to SUP Adminstrator, but the weird thing is i cannot login with my domain user.

    I am using Apache Directory Studio to get my DN and filter. In the server-log files im gettin following exception ;

    com.sybase.security.ldap.LDAPAuthenticationFailureWarning: Record matching LDAP filter (objectClass=person) in the search base OU=mygroup ,DC=sybase DC=local was not found. Verify that the user exists and the bind user has permissions to read the user properties.at com.sybase.security.ldap.LDAPQueryHelper.lookupUserDN(LDAPQueryHelper.java:171)

    In ldap connection properties I set the Authenctication filter as (objectClass=person). I got this filter from apache directory studio it works here but doesnt work in SUP.

    Any clues about this ?

    Kind Regards

    Tahir ÖZ

    Add comment
    10|10000 characters needed characters exceeded

    • Former Member Former Member

      Hi All,

      Somebody able to fix this issue. I am currently configuring the same with MSAD-SUP-iOS.

      I have one more issue that our client uses Active Directory with Certificate based Access and I am yet to find any How-To guide on that part.

      Appreciate if somebody can share relevant How-To guide.

  • avatar image
    Former Member
    Jul 06, 2012 at 10:16 PM

    Hello Tahir,

    First make sure to map the sup roles to your ldap groups in the admin domain

    Regards,

    Ayax


    SCC01.jpg (38.2 kB)
    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Jun 12, 2013 at 02:51 PM

    Hello Gyus,

    I have also the problem with SUP 2.2 that the ldap integration is not working. In the log i get just the error that I should check my username and Password, nothing else.

    Has anybody configured SUP 2.2 successfully with ldap authentication?

    Is there any description explicit for SUP 2.2 ?

    Best Regards

    Michael

    Add comment
    10|10000 characters needed characters exceeded