Skip navigation
Currently Being Moderated

LDAP setup for user authentication

Jan 22, 2006 11:23 PM

I am trying to setup my New Directory for LDAP settings. I have tried lots of different values, but the "test server" button always returns the "Unable to connect to service" error. I'm having a hard time finding any documentation describing how to get this working. I want Form Manager to be able to use LDAP to automatically authenticate my users.

The screen I am referring to is under LiveCycle Administrator, Home > Settings > User Management > Domain Management > New Enterprise Domain.

If anyone has experience setting this up, please try to describe what is required in the fields. I am particularly interested in the User and Group settings.

I have used the LDP.exe tool that comes on the Windows 2003 CD with the support tools. It connects to my LDAP just fine.

Thanks,
Duncan Campbell
Xcellerate IT
 
Replies
  • Currently Being Moderated
    Jan 24, 2006 8:41 AM   in reply to (Duncan_Campbell)
    <Duncan_Campbell@adobeforums.com> ha scritto nel messaggio <br />news:3bbe2adc.-1@webx.la2eafNXanI...<br />>I am trying to setup my New Directory for LDAP settings. I have tried lots <br />>of different values, but the "test server" button always returns the <br />>"Unable to connect to service" error. I'm having a hard time finding any <br />>documentation describing how to get this working. I want Form Manager to be <br />>able to use LDAP to automatically authenticate my users.<br />><br />> The screen I am referring to is under LiveCycle Administrator, Home > <br />> Settings > User Management > Domain Management > New Enterprise Domain.<br />><br />> If anyone has experience setting this up, please try to describe what is <br />> required in the fields. I am particularly interested in the User and Group <br />> settings.<br />><br />> I have used the LDP.exe tool that comes on the Windows 2003 CD with the <br />> support tools. It connects to my LDAP just fine.<br />><br />> Thanks,<br />> Duncan Campbell<br />> Xcellerate IT<br /><br />Select the kind of LDAP settings related to the program you are using <br />(Active Directory on Windows 2000, or on Windows 2003, or Sun LDAP).<br />First of all, write the ip of the machine in which you have Active Directory <br />installed and configured.<br />If you receive this message again, then try to ping this ip in order to <br />understand if you can reach this machine.<br /><br />Then, you have to write the credential: usually, this is something as <br />CN=Administrator, CN=Users, DC=domainname, DC=com (or local)<br /><br />Then you have to write the base dn search criteria both for users and for <br />groups.<br /><br />Use LDAP Query Browser if you don't know well LDAP.<br /><br />Ciao,<br />Alessio (a.k.a. Kinglion Il Meticcio)
     
    |
    Mark as:
  • Currently Being Moderated
    Feb 15, 2006 8:17 AM   in reply to (Duncan_Campbell)
    Hi, i am not able to connect to my server.
    everytime i try to connect i get the message unable to "connect to service"

    for server i typed the id of it. i can ping the server

    my servers name is armstrong.jazz.ent
    the domain is jazz.ent
    it is windows 2003 server

    how do the user settings look like?
    how do "BASE DN" look like.

    please help
     
    |
    Mark as:
  • Currently Being Moderated
    Feb 16, 2006 2:20 PM   in reply to (Duncan_Campbell)
    Those settings are completely dependant on your specific LDAP implementation. An LDAP browser like the one from Softerra can be a useful tool in figuring out what these are in your case. The best way would be to ask your LDAP admin.

    Chris
    Adobe Enterprise Developer Support
     
    |
    Mark as:
  • Currently Being Moderated
    Jun 8, 2006 1:11 AM   in reply to (Duncan_Campbell)
    Hi,

    I too receive the same error - "Unable to connect to service"
    The error log is as follows -

    ERROR [LDAPDirectoryPrincipalProviderImpl] UserM:LDAP_TEST:
    [Thread: http-0.0.0.0-8080-Processor25, hc: 14418746 ]testConfiguration failed:
    com.adobe.idp.um.spi.directoryservices.DirectoryProviderConfig@14461a1 com.adobe.
    idp.common.errors.exception.IDPSystemException: null

    Here are my settings (under LiveCycle Administrator, Home > Settings > User Management > Domain Management > New Enterprise Domain )-
    ----------------------------------------------------------------

    Server - My LDAP Server IP (i can ping it from my machine)
    Port - 389
    SSL - No
    Binding:
    User - username@mydomain.com
    password - ******

    User Setting:
    Unique identifier - dn
    Base DN - mydomain.com
    All other fields I keep as default

    Group Setting:
    Unique identifier - dn
    Base DN - mydomain.com
    All other fields I keep as default

    Can anybody guide me where I am going wrong.

    Thanks and regards,
    Shivajiv.
     
    |
    Mark as:
  • Currently Being Moderated
    Jun 8, 2006 1:49 AM   in reply to (Duncan_Campbell)
    Hi
    Your base DN and username fields need to be LDAP names, not generic ones. The easiest way to work out what to use is to download Softerra LDAP browser, and use that to work out what all the settings are.
    Your Network Administrator might also be able to help.

    Howard
    http://www.avoka.com
     
    |
    Mark as:
  • Currently Being Moderated
    Jun 13, 2006 2:49 AM   in reply to (Duncan_Campbell)
    Thanks for the suggestion Howard.. I was finally able to set up LDAP :)

    For others -

    I am using following settings -

    Server - My LDAP server's IP
    Port - 389
    SSL = No
    Name = user@MyDomain.com
    Password = Above users password in the LDAP server
    Base DN = CN=Users, DC=MyDomain, DC=com

    Thanks and regards,
    Shivajiv.
     
    |
    Mark as:
  • Currently Being Moderated
    Feb 27, 2007 10:23 AM   in reply to (Duncan_Campbell)
    Just so I'm following this, I need to add the users or groups from my Windows 2003 AD to LiveCycle in order for them to have roles withing LiveCycle.

    Is there no way I can create users and groups without linking them to AD?
     
    |
    Mark as:
  • Currently Being Moderated
    Feb 28, 2007 2:29 AM   in reply to (Duncan_Campbell)
    You can create local users and groups using QPACs that you can download from:
    http://www.avoka.com/Avoka/qpac_library.shtml
    Howard
     
    |
    Mark as:
  • Currently Being Moderated
    May 27, 2009 1:57 PM   in reply to HowardTreisman

    Hello

     

     

         I need help in LDAP authenitcation, I am not sure about my LDAP starting sting and each time I am getting varification failed in cold Fusion LDAP wizard and I have tried alot of thing and all vain.

     

     

         I have also installed SOFTERRA LDAP BROWSER but the information taken from there like "o=Disney" and "CN=Syed Mehboob(My name)"  does not work esither, and lets suppose my company name is "Disney.world.com" ,does that have to do any thing with starting string syntax of LDAP?I am also attaching LDAP sting for your help.

     

     

    memberOf: CN=Disney New York,OU=User Groups,DC=Dinsey,DC=brands,DC=com

    name: Mehboob, Syed

    msExchHomeServerName:         /o=Disney/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/cn=Disneyworld

     

     

    I am attaching a screenshot and hopefully that help to understand my issue and if any one can help me to locate "opening string" or "authenticate LDAP" that would be really appreciated. 

     

    PEASE REFER TO ATTACHED PICTURE

    Attachments:
     
    |
    Mark as:

More Like This

  • Retrieving data ...

Bookmarked By (0)