LDAP setup for user authentication


Former Community Member
I am trying to set up my New Directory for LDAP settings. I have tried lots of different values, but the "test server" button always returns the "Unable to connect to service" error. I'm having a hard time finding any documentation describing how to get this working. I want Form Manager to be able to use LDAP to automatically authenticate my users.



The screen I am referring to is under LiveCycle Administrator, Home > Settings > User Management > Domain Management > New Enterprise Domain.



If anyone has experience setting this up, please try to describe what is required in the fields. I am particularly interested in the User and Group settings.



I have used the LDP.exe tool that comes on the Windows 2003 CD with the support tools. It connects to my LDAP just fine.



Thanks,

Duncan Campbell

Xcellerate IT
10 Replies


Former Community Member
<Duncan_Campbell@adobeforums.com> wrote in message news:3bbe2adc.-1@webx.la2eafNXanI...
> I am trying to setup my New Directory for LDAP settings. I have tried lots of different values, but the "test server" button always returns the "Unable to connect to service" error. I'm having a hard time finding any documentation describing how to get this working. I want Form Manager to be able to use LDAP to automatically authenticate my users.
>
> The screen I am referring to is under LiveCycle Administrator, Home > Settings > User Management > Domain Management > New Enterprise Domain.
>
> If anyone has experience setting this up, please try to describe what is required in the fields. I am particularly interested in the User and Group settings.
>
> I have used the LDP.exe tool that comes on the Windows 2003 CD with the support tools. It connects to my LDAP just fine.
>
> Thanks,
> Duncan Campbell
> Xcellerate IT

Select the kind of LDAP settings related to the program you are using (Active Directory on Windows 2000, or on Windows 2003, or Sun LDAP).
First of all, write the IP of the machine on which you have Active Directory installed and configured.
If you receive this message again, then try to ping this IP in order to see if you can reach this machine.

Then, you have to write the credential: usually, this is something like CN=Administrator, CN=Users, DC=domainname, DC=com (or local)

Then you have to write the base DN search criteria both for users and for groups.

Use LDAP Query Browser if you don't know LDAP well.

Ciao,
Alessio (a.k.a. Kinglion Il Meticcio)


Former Community Member
I managed to get my LDAP to work by having my server and binding user name right.



My server is something like "computername.mydomain.com"

and my user is "Administrator@mydomain.com"

I had to enter the password for the Windows administrator account I was logged in as.



It works!



Now get this:

Originally my Directory synchronization clobbered my administrator account and no one had admin rights and I was locked out of admin.

Now that I re-installed everything and I have LDAP working, I performed my sync and gave admin rights to people (including administrator) in LiveCycle. For some reason my administrator account in LiveCycle is marked with a TYPE of LOCAL and it is not authenticating against LDAP. Everyone else has a TYPE of ENTERPRISE and they are authenticating. Why wasn't the administrator account overwritten during the sync process?



I wish I knew what LiveCycle is thinking. One minute it overwrites my admin account and locks me out, the next minute it leaves it alone. The help under the "User Management Help" button leaves much to be desired.



Duncan Campbell

Xcellerate IT


Former Community Member
Hi, I am not able to connect to my server.

Every time I try to connect I get the message "Unable to connect to service".

For server I typed the id of it. I can ping the server.

My server's name is armstrong.jazz.ent

The domain is jazz.ent

It is Windows 2003 Server.

What do the user settings look like?

What does "BASE DN" look like?

Please help.


Former Community Member
Those settings are completely dependent on your specific LDAP implementation. An LDAP browser like the one from Softerra can be a useful tool in figuring out what these are in your case. The best way would be to ask your LDAP admin.



Chris

Adobe Enterprise Developer Support


Former Community Member
Hi,



I too receive the same error - "Unable to connect to service"

The error log is as follows -



ERROR [LDAPDirectoryPrincipalProviderImpl] UserM:LDAP_TEST: [Thread: http-0.0.0.0-8080-Processor25, hc: 14418746 ]testConfiguration failed: com.adobe.idp.um.spi.directoryservices.DirectoryProviderConfig@14461a1com.adobe.idp.common.errors.exception.IDPSystemException: null



Here are my settings (under LiveCycle Administrator, Home > Settings > User Management > Domain Management > New Enterprise Domain )-

----------------------------------------------------------------



Server - My LDAP Server IP (I can ping it from my machine)

Port - 389

SSL - No

Binding:

User - username@mydomain.com

password - ******



User Setting:

Unique identifier - dn

Base DN - mydomain.com

All other fields I keep as default



Group Setting:

Unique identifier - dn

Base DN - mydomain.com

All other fields I keep as default



Can anybody guide me where I am going wrong?



Thanks and regards,

Shivajiv.


Level 9
Hi

Your base DN and username fields need to be LDAP names, not generic ones. The easiest way to work out what to use is to download Softerra LDAP browser, and use that to work out what all the settings are.

Your Network Administrator might also be able to help.



Howard

http://www.avoka.com


Former Community Member
Thanks for the suggestion Howard.. I was finally able to set up LDAP :)



For others -



I am using the following settings -



Server - My LDAP server's IP

Port - 389

SSL = No

Name = user@MyDomain.com

Password = Above user's password in the LDAP server

Base DN = CN=Users, DC=MyDomain, DC=com



Thanks and regards,

Shivajiv.
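
The difference between the failing and the working settings in the two posts above, as an added example (not code from the thread or from Adobe): a small Python lint that checks whether Base DN and bind user are LDAP names and suggests the DC= form for a DNS-style value. The dictionary keys are hypothetical names, not LiveCycle's own field identifiers, and the sample values are constructed from the posts; the lint also flags that a bind on port 389 with SSL off sends the bind password unencrypted, and that an Administrator bind account holds more rights than directory reads need.

```python
import re

# Simplified RDN check (attr=value). RFC 4514 also allows multi-valued RDNs
# and other forms that this sketch rejects.
_RDN = re.compile(r"^\s*[A-Za-z][A-Za-z0-9-]*\s*=\s*(?:\\.|[^=,\\])+$")
_UPN = re.compile(r"^[^@\s=,]+@[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+$")
_DNS = re.compile(r"^[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+$")

def is_dn(value):
    """True if value is a comma-separated list of attr=value RDNs."""
    parts = re.split(r"(?<!\\),", value)  # do not split on escaped commas
    return all(_RDN.match(p) for p in parts)

def domain_to_base_dn(domain, container=None):
    """mydomain.com -> DC=mydomain,DC=com (conventional AD naming context)."""
    dn = ",".join("DC=" + label for label in domain.split("."))
    return f"{container},{dn}" if container else dn

def lint(settings):
    """Return (field, code, hint) findings; field names are hypothetical."""
    out = []
    for field in ("user_base_dn", "group_base_dn"):
        value = settings[field]
        if not is_dn(value):
            hint = (domain_to_base_dn(value) if _DNS.match(value)
                    else "use attr=value,attr=value form")
            out.append((field, "not-a-dn", hint))
    bind = settings["bind_user"]
    if not (is_dn(bind) or _UPN.match(bind)):
        out.append(("bind_user", "not-dn-or-upn", "use a DN or user@domain"))
    if re.search(r"(^|=)\s*administrator\b", bind, re.I):
        out.append(("bind_user", "privileged-bind", "use a read-only service account"))
    if not settings["ssl"]:
        out.append(("ssl", "cleartext-bind", "simple bind sends the password unencrypted"))
    return out

# Constructed inputs modelled on the failing and the working post above.
FAILING = {"bind_user": "username@mydomain.com", "ssl": False,
           "user_base_dn": "mydomain.com", "group_base_dn": "mydomain.com"}
WORKING = {"bind_user": "user@MyDomain.com", "ssl": False,
           "user_base_dn": "CN=Users, DC=MyDomain, DC=com",
           "group_base_dn": "CN=Users, DC=MyDomain, DC=com"}

if __name__ == "__main__":
    for name, cfg in (("failing", FAILING), ("working", WORKING)):
        print(name, lint(cfg))
```
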


Former Community Member
Just so I'm following this, I need to add the users or groups from my Windows 2003 AD to LiveCycle in order for them to have roles within LiveCycle.



Is there no way I can create users and groups without linking them to AD?


Level 9
You can create local users and groups using QPACs that you can download from:

http://www.avoka.com/Avoka/qpac_library.shtml

Howard


Level 1

Hello

     I need help with LDAP authentication. I am not sure about my LDAP starting string, and each time I get "verification failed" in the ColdFusion LDAP wizard. I have tried a lot of things, all in vain.

     I have also installed Softerra LDAP Browser, but the information taken from there, like "o=Disney" and "CN=Syed Mehboob (my name)", does not work either. Let's suppose my company name is "Disney.world.com"; does that have anything to do with the starting string syntax of LDAP? I am also attaching the LDAP string for your help.

memberOf: CN=Disney New York,OU=User Groups,DC=Dinsey,DC=brands,DC=com

name: Mehboob, Syed

msExchHomeServerName: /o=Disney/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/cn=Disneyworld

I am attaching a screenshot and hopefully that helps to understand my issue. If anyone can help me to locate the "opening string" or "authenticate LDAP", that would be really appreciated.

PLEASE REFER TO ATTACHED PICTURE