Hi Bjarni Þór Jónsson, I've googled for you and found: http://www.ldapguru.org/modules/newbb/viewtopic.php?topic_id=1591&forum=6&post_id=4894
I guessed beforehand that your problem has something to do with referrals, and it's just that. On top of that, MS AD does a lot of things differently than other LDAP servers. I don't have experience with AD, but from this post it seems to me that AD won't follow a referral even if you ask it to. So you don't have to add a try-catch clause but add code for manually following referrals in JNDIRealm if the LDAP Server can't do it, or you modify the LDAP context so the LDAP Server is asked to follow it for itself (which the poster says can't be done).

If in my LDAP DIT a uid is present two or more times, the JNDIRealm denies authentication, which is what should happen. And I don't have referrals, which I only have if I want them.

So my answer is: don't modify the code or add handling of referrals the way the poster did and AD wants.

Frerk Meyer

EDEKA Aktiengesellschaft
GB Datenverarbeitung
Frerk Meyer
CC Web Technologien
New-York-Ring 6
22297 Hamburg
Tel: 040/6377 - 3272
Fax: 040/6377 - 41268
mailto:[EMAIL PROTECTED]