Contributions
Re: LDAP: Multiple OU's
I'm also using Wireshark to troubleshoot and this is what I've found: 1142 16.255135000 192.168.1.10 192.168.2.20 LDAP 111 bindRequest(1) "adminuser@mydomain" simple 1143 16.283321000 192.168.2.20 192.168.1.10 LDAP 76 bindResponse(1) success 1144 16.283549000 192.168.1.10 192.168.2.20 LDAP 129 searchRequest(2) "dc=my,dc=domain" wholeSubtree 1149 16.311655000 192.168.2.20 192.168.1.10 LDAP 499 searchResEntry(2) "CN=John Doe,OU=Users,OU=California,DC=my,DC=domain" | searchResRef(2) | searchResRef(2) | searchResRef(2) | searchResRef(2) | searchResRef(2) | searchResDone(2) success [1 result] 1153 16.316424000 192.168.1.10 192.168.2.144 LDAP 111 bindRequest(1) "adminuser@mydomain" simple 1154 16.317344000 192.168.2.144 192.168.1.10 LDAP 164 bindResponse(1) invalidCredentials (80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1) 1973 26.378798000 192.168.1.10 192.168.2.14 LDAP 111 bindRequest(1) "adminuser@mydomain" simple 1975 26.439360000 192.168.2.14 192.168.1.10 LDAP 76 bindResponse(1) success 1976 26.439637000 192.168.1.10 192.168.2.14 LDAP 147 searchRequest(2) "DC=DomainDnsZones,DC=my,DC=domain" wholeSubtree 1977 26.498631000 192.168.2.14 192.168.1.10 LDAP 76 searchResDone(2) success [0 results]2305 31.497416000 192.168.1.10 192.168.2.14 LDAP 61 unbindRequest(3)1.3KViews0likes0CommentsLDAP: Multiple OU's
Hi, I am having intermitent log in issues when using userPatternArray for multiple OU's. If I delete webapps and work folders and restart server (sometimes restarting service is not enought) users are able to log in with no issues, later on the day users start reporting that they cannot log in after multiple tries. I check the error log and collab log and I can see the error messages. If they wait about 5-10minutes and try again they are able to log in. This does not happen if I use only one OU. note: I used JXplorer to troubleshoot LDAP and I am able to search all users with no issues. Below is my Root.xml, error log, and collab log. Any suggestions will be appreciated. I have submitted a few emails to the support team but we haven't found a solution. -------------------------- Root.xml http://tomcat.apache.org/tomcat-5.5-doc/config/context.html --> <Context docBase="${catalina.home}/wars/smartbear-ccollab-server.war" path="" privileged="true" reloadable="false"> <Valve className="com.smartbear.ccollab.auth.AuthTicketValve" collabDbJndiName="/jdbc/collabserver"/> <Valve className="com.smartbear.ccollab.auth.CollabFormAuthenticator" seed="ba3acb2ec9cc2a582aaa9031c60d40a5"/> <Valve characterEncoding="UTF-8" className="org.apache.catalina.authenticator.FormAuthenticator"/> <!-- Code Collaborator database configuration. The underlying database is exposed as a named resource in the application's JNDI namespace at the well-known name "/jdbc/collabserver". Because this well-known name is also used directly in the software, it *must not* be changed. However, the underlying datasource can be configured to support the specific configuration that is desired. For information on configuring Data Sources, see documentation available at: http://tomcat.apache.org/tomcat-5.5-doc/jndi-datasource-examples-howto.html Keep in mind that Code Collaborator does not necessarily support all of the databases that are documented in the Data Source documentation. --> <Resource driverClassName="com.mysql.jdbc.Driver" maxActive="100" maxIdle="20" maxWait="10000" name="/jdbc/collabserver" password="mypassword2" removeAbandoned="true" removeAbandonedTimeout="120" scope="Sharable" testOnBorrow="true" type="javax.sql.DataSource" url="jdbc:mysql://localhost:3306/codecollab?useServerPrepStmts=false&useUnicode=true&characterEncoding=UTF-8&autoReconnect=true" username="username" validationQuery="SELECT 1"/> <Realm allRolesMode="strictAuthOnly" className="org.apache.catalina.realm.JNDIRealm" connectionName="myusername@mydomain" connectionPassword="mypasswordhere" connectionURL="ldap://192.168.1.10:389" referrals="follow" userBase="dc=my,dc=domain" userPatternArray="(OU=Users,OU=Alaska,DC=my,dc=domain):(ou=users,ou=California,ou=San Jose,dc=my,dc=domain):(OU=Users,OU=Texas,OU=Houston,DC=my,DC=domain)" userSearch="(sAMAccountName={0})" userSubtree="true" /> Code Collaborator Parameters Configuration parameters made available to the Code Collaborator application. --> <Parameter description="Is the Code Collaborator database used for authentication?" name="collaborator-authentication" override="false" value="false"/> <Parameter description="Should older, less secure, clients be allowed to connect to the Code Collaborator server." name="client-compatibility" override="false" value="false"/> <Parameter description="The name of the Code Collaborator system administrator who is always allowed to log in." name="system-administrator" override="false" value="myadmin"/> <Parameter description="Directory (relative to tomcat) where Code Collaborator caches file contents." name="content-cache" override="false" value="collaborator-content-cache"/> <!-- The following parameter is used for migrating data from one database type to another.Please read the documentation on database migration carefully before changing this value. --> <Parameter description="Full path to migration/backup database to restore" name="database-migration-data-path" override="false" value="c:\path\to\database\backup\file.zip"/> </Context> -------------------------------- Collab log: WARN http-80-1 com.smartbear.ccollab.AuthTicketFilter - Login failed for user: jdoe 2013-04-17 21:09:34,869 WARN http-80-2 com.smartbear.ccollab.rpc.RpcGwtServlet$GwtInvocationHandler - Could not authenticate user 'jdoe' using password ------------------------------- Error Log: Error " Caused by: javax.naming.CommunicationException: DOMAIN.COM:389 [Root exception is java.net.SocketTimeoutException: connect timed out]" Caused by: java.net.SocketTimeoutException: connect timed out Apr 23, 2013 9:18:15 AM org.apache.catalina.realm.JNDIRealm authenticate SEVERE: Exception performing authentication javax.naming.PartialResultException [Root exception is javax.naming.CommunicationException: mydomain:389 [Root exception is java.net.SocketTimeoutException: connect timed out]]6.2KViews0likes1Comment- 9KViews0likes1Comment