Active Directory problem

**alvaro.sanchez** · Feb 9th, 2010, 05:29 AM

Hi all,

I receive the following exception when connecting to an AD:

Code:

<Searching for user 'd9999084', with user search [ searchFilter: '(CN={0})', searchBase: 'CN=Users', scope: subtree, searchTimeLimit: 0, derefLinkFlag: false ]>
<Got Ldap context on server 'ldap://x.y.z:389/dc=desa,dc=domain,dc=net'>
<SecurityContextHolder now cleared, as request processing completed>
org.springframework.ldap.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-03151EFD, problem 2001 (NO_OBJECT), data 0, best match of:
	'DC=desa,DC=domain,DC=net'
]; remaining name 'CN=Users'

These are the related beans:

Code:

	<bean id="contextSource" class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
		<constructor-arg value="ldap://x.y.z:389/DC=desa,DC=domain,DC=net"/>
	</bean>

	<bean id="userDetailsService"
		class="org.springframework.security.userdetails.ldap.LdapUserDetailsService">
		<constructor-arg index="0">
			<ref local="filterBasedLdapUserSearch" />
		</constructor-arg>
		<constructor-arg index="1">
			<ref local="ldapGroupsPopulator" />
		</constructor-arg>
	</bean>
	<bean id="filterBasedLdapUserSearch"
		class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
		<constructor-arg index="0">
			<value>CN=Users</value>
		</constructor-arg>
		<constructor-arg index="1">
			<value>(CN={0})</value>
		</constructor-arg>
		<constructor-arg index="2">
			<ref bean="contextSource" />
		</constructor-arg>
		<property name="searchSubtree" value="true" />
	</bean>
	<bean id="ldapGroupsPopulator"
		class="org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator">
		<constructor-arg>
			<ref bean="contextSource" />
		</constructor-arg>
		<constructor-arg>
			<value>CN=Users</value>
		</constructor-arg>
		<property name="searchSubtree" value="true" />
		<property name="groupRoleAttribute" value="CN" />
		<property name="groupSearchFilter" value="(member={0})" />
		<property name="rolePrefix" value="ROLE_" />
	</bean>

In the AD, this is the DN of the user as seen with an LDAP browser tool:

Code:

CN=d9999084,CN=Users,DC=desa,DC=domain,DC=net

The base DN as returned by the server is:

Code:

DC=desa,DC=domain,DC=net

I'm using Spring Security 2.0.4 and Spring LDAP 1.3.0

Thanks in advance.

Thread: Active Directory problem

Thread Tools

Display

Hybrid View

Active Directory problem

Tags for this Thread

Posting Permissions