ldap

问题 We built a web application (running on our intranet) that relies on our LDAP directory (active directory) for it's users. Instead of 'syncing' the directory users with say a 'user' table in our application database (MySQL) we use the LDAP directory just like we use databases. When creating a relation between an entity pulled from MySQL and an LDAP user we use the user GUID (which is a unique string). Our directory will never have more than 300 users (never). We installed a dedicated DC

问题 I have the following: class LDAPConnection { private $ldapServers = array( "ldap://serv1", "ldap://serv2" ); private $ldapUsername = "DOMAIN\\%s"; function login($username, $password) { $user = sprintf($this->ldapUsername, $username); // Make sure password is not empty (http://stackoverflow.com/a/172042/561731) if(!empty($password)) { foreach($this->ldapServers as $server) { try { $ldap = \ldap_connect($server); \ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3); if($bind = \ldap_bind(

问题 We have a large LDAP directory that we're currently returning all users from. We iterate through the list of users, and compare what we've saved locally to find those that either no-longer exist, or that are new, then create/delete them locally. The problem is that this operation takes HOURS to complete. I think the solution to this would be to define a more specific search query to Directory Services and only return those users that have been modified in the last 24 hours (or whenever it

问题 I am trying to run a tomcat JNDIRealm using using Kerberos for authentication (authentication="GSSAPI"). However, I'm getting this: SEVERE: Catalina.start: LifecycleException: Exception opening directory server connection: javax.naming.AuthenticationException: GSSAPI [Root exception is javax.security.sasl.SaslException: GSS initiate failed [Caused by GSSException: No valid credentials provided (Mechanism level: Attempt to obtain new INITIATE credentials failed! (null)) ]] I have this in

问题 I'm trying to create a new partition in the root of a ApacheDS Lightweight Directory using JNDI/LDAP. I've failed trying to add it using bind and createSubcontext within the root context. I'm able to create a partition using Apache Directory Studio. Is there a way to programmatically add one using JNDI? 回答1: You cannot create a new partition using code, you first need to configure the partition in the server.xml(if you are using version <= 1.5.7) or in the ou=config area if you are using the

问题 I am getting access violation exceptions when running the code below when the CertFreeCertificateContext method is invoked. I imagine it is because of the way the pServerCert argument is being Mashalled on the LdapServerCertDelegate but have been unable to find a solution. using System; using System.Runtime.InteropServices; namespace ldaptest { class Program { static void Main(string[] args) { new LdapAuthenticationProvider().AuthenticateUser("a.qas", "a", "administrator", "test123"); } }

问题 Just stood up a brand new SonarQube 6.7.1 server and configured it to authenticate users via the LDAP plugin ( 2.2 build 608 ). So far so good. However, when users trying to run a command line scan using maven with a token: mvn sonar:sonar -Dsonar.login=438fd33be6d6e5c9146c674717fea4675f0eb ...they get the following error: Not authorized. Please check the properties sonar.login and sonar.password. The Sonar logs are showing: 2018.01.19 18:20:14 DEBUG web[AWELLmgpg7dbJTF2AALW][o.s.p.l

问题 I'm trying to find an employee in Active Directory using the following c# code: "Select userPrincipalName, ADsPath, Department, Mail, HomeMDB, cn, ssn FROM 'LDAP://" + DomainName + "' WHERE objectCategory = 'person' and sAMAccountName = '" + UserName.Replace("'", "''") + "'"; When I run this for an employee with a single quote in the last name (such as "O'Connor") I get the following error: AdsDsoObject' failed with no error message available, result code: DB_E_NOTABLE(0x80040E37). I also

问题 I have this little problem. I want to authenticate user against LDAP (Windows Active Directory), everything works OK, but the combination (good user, good password, wrong domain). LDAP* ldap = ldap_init(L"myserver", 389); ULONG ldap_version = 3; ULONG ret = LDAP_SUCCESS; ret = ldap_set_option(ldap, LDAP_OPT_PROTOCOL_VERSION, (void*)&ldap_version); ret = ldap_connect(ldap, NULL); SEC_WINNT_AUTH_IDENTITY ai; ai.Domain = (unsigned short*)BAD_DOMAIN; ai.DomainLength = wcslen(BAD_DOMAIN); ai.User

问题 I am trying to authenticate against our institutional LDAP server with the command ldapsearch . My user info in LDAP is shown in the following image I used this command below to search by my DN: ldapsearch -x -H ldap://ldap.mdanderson.edu:389 -D "CN=Djiao,OU=Institution,OU=People" -b DC=mdanderson,DC=edu -w xxxyyyzzz However I got the error: ldap_bind: Invalid credentials (49) additional info: 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1 What is