Hello Jill, How did you solve this problem? I'm also facing the same.
Regards, Torgenes Felix Schumacher wrote: > > On Thu, 20 Jan 2011 13:10:06 -0600, Jill Han wrote: >> Still no luck after trying adCompat="true". > That option was added in 6.0.21, it is not present in any 5.5.x. I > didn't see your version when I first replyd, sorry. > > So you might try to update to a recent tomcat, which is always a good > idea. > > Bye > Felix >> >> Thanks, >> Jill >> >> -----Original Message----- >> From: Felix Schumacher [mailto:felix.schumac...@internetallee.de] >> Sent: Thursday, January 20, 2011 11:11 AM >> To: Tomcat Users List >> Subject: RE: how to configue tomcat ldap 2008 >> X-HOSTLOC: alverno.edu/10.0.60.9 >> >> Am Donnerstag, den 20.01.2011, 07:19 -0600 schrieb Jill Han: >>> Thanks for your reply. >>> 1. Apache Tomcat version is 5.5.15. >>> 2. Below is from the log file. >>> Jan 19, 2011 3:29:26 PM org.apache.catalina.realm.JNDIRealm >> authenticate >>> SEVERE: Exception performing authentication >>> javax.naming.PartialResultException [Root exception is >> javax.naming.CommunicationException: >> DomainDnsZones.emp.alverno.edu:389 >> [Root exception is java.net.UnknownHostException: >> DomainDnsZones.emp.alverno.edu]] >> You could try "adCompat='true'" as shown on >> http://tomcat.apache.org/tomcat-6.0-doc/config/realm.html, or maybe >> DomainDnsZones.emp.alverno.edu is really not a valid dns name in your >> environment. >> >> But since I don't have an ads server it is more or less a guess. >> >> Felix >> >>> However, usern...@emp.alverno.edu will be valid when the window >>> server >> is 2003. >>> 3. I haven't tested the query independently of Tomcat. I don't know >> how. If you have the instructions, it will be very helpful. >>> >>> Thanks again, >>> >>> Jill >>> -----Original Message----- >>> From: Christopher Schultz [mailto:ch...@christopherschultz.net] >>> Sent: Wednesday, January 19, 2011 4:45 PM >>> To: Tomcat Users List >>> Subject: Re: how to configue tomcat ldap 2008 >>> >>> -----BEGIN PGP SIGNED MESSAGE----- >>> Hash: SHA1 >>> >>> Jill, >>> >>> On 1/19/2011 4:56 PM, Jill Han wrote: >>> > Here is the snippet of server.xml >>> > >>> > <Realm className="org.apache.catalina.realm.JNDIRealm" >>> > debug="99" >>> >>> debug isn't a valid attribute on any supported version of Tomcat. >>> What >>> version are you using? >>> >>> > connectionName="usern...@some.college.edu" >>> > connectionPassword="userPass" >>> > connectionURL="ldap://some.college.edu:389"; >>> >>> So these credentials still work in the new installation? >>> >>> > referrals="follow" >>> > userBase="dc=some,dc=college,dc=edu" >>> > userSearch="(sAMAccountName={0})" >>> > userRoleName="memberof" >>> > roleBase="dc=some,dc=college,dc=edu" >>> > roleName="cn" >>> > roleSearch="(uniqueMember={0})" >>> > userSubtree="true" >>> > roleSubtree="false" >>> >>> Have you tested your query independently of Tomcat to see if it >> matches >>> anything? >>> >>> > It is working on 2003 server. However when the server is upgraded >>> to >>> > window 2008, it is not working anymore. >>> > >>> > Any suggestions? >>> >>> What do the log files say? >>> >>> - -chris >>> -----BEGIN PGP SIGNATURE----- >>> Version: GnuPG v1.4.10 (MingW32) >>> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ >>> >>> iEYEARECAAYFAk03aXcACgkQ9CaO5/Lv0PBOvACfbMbEFH+JxwlrEulx68NKe0OM >>> I1cAnAn5Yp82TQM2lXe+rXVu5xWIFqYL >>> =aYzD >>> -----END PGP SIGNATURE----- >>> >>> >>> --------------------------------------------------------------------- >>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >>> For additional commands, e-mail: users-h...@tomcat.apache.org >>> >> >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >> For additional commands, e-mail: users-h...@tomcat.apache.org >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >> For additional commands, e-mail: users-h...@tomcat.apache.org > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > > -- View this message in context: http://old.nabble.com/how-to-configue-tomcat-ldap-2008-tp30714271p31057626.html Sent from the Tomcat - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
