Copy link to clipboard
Copied
I'm attempting to use LDAP in the configuration manager but its rejecting me outright.
These are my settings:
Built in database radio button selected
LDAP Server URL - ldap://mycompany.local:389
Base Node for User Search: dc=mycompany,dc=local
Base Node for Group Search: dc=mycompany,dc=local
User ID attribute Name: cn
Group ID attribute name: cn
Group Member Attribute: member
Default Admin Account for Web Administrator
Username - myadminaccountname
Password - grayedout
I have verified all of the attributes as being correct but I'm still getting a javax.naming.authetication error - 49
Can anyone help
Copy link to clipboard
Copied
Hi LaRoque149 and welcome to the RH forums.
I believe you are referring to access to the RoboHelp Server web administrator. Is that right? If so, I'm not aware if you can even use it with LDAP. Maybe John Daigle can advise here. "Paging Mr Daigle". "Paging Mr Daigle".
Copy link to clipboard
Copied
Thanks for getting back to me RoboColum(n),
Yes, I am using RH Server Web Administrator. According to pages 14-15 of the help file in RH 9 I should be able to user LDAP authentication for RH Server...
Copy link to clipboard
Copied
Having reread your original post I am now unclear about where the problem is. Is it that the Configuration Manager is not allowing you to set up your LDAP connection? Or is it that it is all set up but that you can't access the Web Administrator?
You may know this already but that Java error is due to invalid credentials. Maybe you could post the entire error here as part of it may give us more of a clue. See the link below for further details.
http://www.blogsoncloud.com/jsp/techSols/javax-naming-AuthenticationException.jsp
Copy link to clipboard
Copied
I can open the Configuration Manager, open the /robohelp context, select Use LDAP Authentication, and fill out my information, save and restart Tomcat.
I open the server web administrator and I'm presented with a logon screen. At this point, I cannot use network administrator name and password.
If I don't make any changes to the Server Configuration Manager, I can use the default admin name and password.
This is on a Server 2008 EE R2 server.dc
The exact error message is:
Error in LDAP
authentication.<br>javax.naming.AuthenticationException: [LDAP: error code 49 - comment: AcceptSecurityContext error,data 52e, v1db0
This is the content of the Robohelp_server properties file: (Names, domains and servers are changed for this forum)
rolesearchbase=dc=mycompany,dc=local
DefAdminPwd=
rolesearch=member
DefAdminUid=adminmyname
maxload=150
usersearchbase=dc=mycompany,dc=local
ldapURL=ldap://dc01.mycompany.local:389
authtype=ldap
reindex=true
dsnuser=
useridkey=cn
ProjectsUrlBase=/robohelp/robo
substringsearch=false
rolename=cn
DatabaseType=access
ProjectsDirBase=c:\\program files\\adobe\\adobe robohelp server 9\\robo
DSN=
dsnpwd=
Copy link to clipboard
Copied
I found a partial answer.
In the robohelp_server.properties file I changed
usersearchbase=dc=mycompany,dc=local
to
usersearchbase=ou=users,ou=is-admins,ou=myOU,dc=myCompany,dc=local
Caveat - I could not use the Configuration Manager to make the changes stick - Sometimes it worked, other times it didn't. Stopping/Starting/Restarting Tomcat at any point in the process had only a limited effect. Some items changed, others didn't - No valid reason why.
I had to actually edit the robohelp_server.properties file manually.
I am now able to use my adminname/password to access the Web Administrator. I can add others from my group, but I am currently not able to add regular users from the rest of the company due to the fact that I can only search in the specified context in the usersearchbase and I'm not able to add additional search bases.
Copy link to clipboard
Copied
I have the same problem with the same error.... LDAP Server & RoboHelp Server 9 are both Windows 2008 R2.
Copy link to clipboard
Copied
Hope my previous notes were able to help you Dustin
Copy link to clipboard
Copied
No, sorry still can not get LDAP to work .
Copy link to clipboard
Copied
This is all i ever get...
Login Error
Error in LDAP
a uth e nti cation. &It; b r >j ;::tvax. naming .Authentic a
tionException: [LDAP: error code 49-
80091J308: LdapErr: DSID-OC0903A9.
comment: Accept8ecurityCor1text error. data
52 e. v·1 db ·1
Here is my config...
rolesearchbase=DC=ne*,DC=cir*,DC=local
DefAdminPwd=admin
rolesearch=member
DefAdminUid=dustin
maxload=150
usersearchbase=OU=USERS,OU=USBC,DC=ne*,DC=cir*,DC=local
ldapURL=ldap://dc1.ne*.cir*.local:389
authtype=ldap
reindex=true
dsnuser=
useridkey=cn
ProjectsUrlBase=/robohelp/robo
substringsearch=false
rolename=cn
DatabaseType=access
ProjectsDirBase=c:\\program files\\adobe\\adobe robohelp server 9\\robo
DSN=
dsnpwd=
Copy link to clipboard
Copied
My system has Java jre-6u31-windows-x64 and Tomcat 7.0 installed. Java has to be installed prior to Tomcat. Once both are installed, I set the properties for Tomcat to start automatically.
First and foremost, you have to know where your admin ID is in your AD structure. I could not get the Configuration Manager to work correctly so I had to edit the robohelp_server.properties file manually. You can open the robohelp_server.properties (or your new context_server.properties) file in Notepad.
Once the file is open, verify that the DefAdminPwd is deleted. Verify that your DefAdminUid adminName is correct. Theres a good tool called Softerra LDAP administrator to query your LDAP server if you do not know where your adminID is.
This is the exact procedure that I have my Project Administrators use to create a new context:
Log into the Robohelp server CMCROBO01 with your administrator name and password.
Click on Start>All Programs>Adobe RoboHelp Server 9>Configuration Manager
Navigate to C:\Program Files\Apache Software Foundation\Tomcat 7.0\conf
Select server.xml and Open.
Specify Tomcat 7 from the drop-down menu
At this point the RoboHelp Server Configuration Manager will open.
Select File>New Context
Select a context name for your project. In this case my context name is (mycontextname) - I have been using lower case letters for context naming to stay consistent with folder structure. Click OK.
(MY Context Name is the name of a project created in RoboHelp 9 HTML that I plan to push to the RoboHelp Server).
To stay consistent, please do not use special characters when creating a context !@#$%^&*()_+= etc (My rule)
Click the Use LDAP Authentication check box and fill in the white areas of the RoboHelp Server Configuration Manager.
LDAP Server URL - ldap://domainController01.myCompany.local:389
Base Node for User Search - ou=users,ou=is-admins,ou=anotherOU,dc=myCompany,dc=local
Base Node for Group Search - dc=myCompany,dc=local
User ID Attribute Name - cn
Group ID Attribute Name - cn
Group Member Attribute - member
Default Admin Account for Web Administrator
Username - adminrobohelp
Password - (grayed out)
Click Save. Close Configuration Manger. This should restart the Tomcat service.
Tomcat may be slow to restart. Just to be safe, start/restart Tomcat manually.
Navigate to C:\Program Files\Adobe\Adobe Robohelp Server 9\WEB-INF and find a file called mycontextname_server.properties. (mycontextname_server), and open the file with Notepad. Delete the the DefAdminPwd "admin" and save. Verify that the DefAdminUid is adminrobohelp. (or whatever your adminName is)
Restart the Tomcat service.
Copy link to clipboard
Copied
Now that I look at your config, delete the DefAdminPwd. (admin)
Copy link to clipboard
Copied
Okay did that but still no luck, same error 49....
Copy link to clipboard
Copied
The only other thing I see in your config is that you are using an asterisk in your searches. I also found that I had to make sure all my context_server.properties files had the same information.
Copy link to clipboard
Copied
The asterisk are not in the real config file.
Copy link to clipboard
Copied
Just the word admin
Copy link to clipboard
Copied
Okay here is what i got.
rolesearchbase=DC=n12,DC=cbc,DC=com
DefAdminUid=user1
rolesearch=member
DefAdminPwd=
maxload=150
ldapURL=ldap://dc1.n12.cbc.com:389
usersearchbase=OU=USERS,OU=USBC,DC=n12,DC=cbc,DC=com
dsnuser=
reindex=true
authtype=ldap
ProjectsUrlBase=/robohelp/robo
useridkey=cn
substringsearch=false
rolename=cn
DSN=
ProjectsDirBase=c:\\program files\\adobe\\adobe robohelp server 9\\robo
DatabaseType=access
dsnpwd=
Copy link to clipboard
Copied
This is the content of my robohelp_server.properties file (RoboHelp Server 9)
The only differences that I see are that the order is slightly different.
My ProjectsURLBase=/robohelp/robohelp and ProjectsDirBase=c:\\program files\\adobe\\adobe robohelp server 9\\robohelp.
Yours is ProjectsURLBase=/robohelp/robo and ProjectsDirBase=c:\\program files\\adobe\\adobe robohelp server 9\\robo.
If you have created any other contexts_server.properties files, you should make sure that they all have the exact same information.
rolesearchbase=dc=caidan,dc=local
DefAdminPwd=
rolesearch=member
DefAdminUid=adminrobohelp
maxload=150
usersearchbase=ou=users,ou=is-admins,ou=hpm,dc=caidan,dc=local
ldapURL=ldap://cmcdc01.caidan.local
dsnuser=
reindex=true
authtype=ldap
useridkey=cn
ProjectsUrlBase=/robohelp/robohelp
substringsearch=false
rolename=cn
DSN=
ProjectsDirBase=c:\\program files\\adobe\\adobe robohelp server 9\\robohelp
DatabaseType=access
dsnpwd=
Copy link to clipboard
Copied
And restart Tomcat after any save.
Copy link to clipboard
Copied
Okay looks like it got it to log in. But it is not letting me add in any LDAP Groups or Users.
Copy link to clipboard
Copied
I couldnt get groups to add either. I could only add users that were in my OU. What did you find as your final answer as to why you couldnt log in?
Copy link to clipboard
Copied
Nothing I just keep changing the usersearchbase= and created a special user just for robohelp. I was tring to use my domain account.
Copy link to clipboard
Copied
How do you add users just put in the user name ? Or do you need to put in anything special ?
Copy link to clipboard
Copied
It lets me add one LDAP Group called users.
but nothing else
Copy link to clipboard
Copied
Okay figure out how to add the users... not by the sam account name but by the display name.