LDAP authentication problem

Greetings,
We're attempting to install Teamcity on our CentOS 5.5 Linux server, we're using Java v1.6.0_21 and wish to authenticate with our existing OpenLDAP server.

Our LDAP server is working fine, it's handling authentication on many other systems, and applications, so I know the LDAP server is not part of the problem.

I've enabled debug output on teamcity and am seeing the following output when attempting to login to Teamcity.


[2010-07-22 11:54:46,098]  DEBUG -     jetbrains.buildServer.LDAP - Failed to login user 'ddobies'. Cause: Invalid DN syntax ([LDAP: error code 34 - invalid DN])
javax.naming.InvalidNameException: [LDAP: error code 34 - invalid DN]



Our ldap-config.properties file costs of:
java.naming.provider.url=ldap://ldap01.ourcompany.com:389/dc=ourcompany,dc=com


I logged into our ldap server and watched for the login error  and see the following:
Jul 22 12:54:46 ldap01 slapd[22392]: conn=3120430 fd=209 ACCEPT from IP=192.168.xx.xx:55550 (IP=192.168.xx.xx:389)
Jul 22 12:54:46 ldap01 slapd[22392]: conn=3120430 op=0 do_bind: invalid dn (ddobies)
Jul 22 12:54:46 ldap01 slapd[22392]: conn=3120430 op=0 RESULT tag=97 err=34 text=invalid DN
Jul 22 12:54:46 ldap01 slapd[22392]: conn=3120430 fd=209 closed (connection lost)


Any ideas on what I'm doing wrong?

Thanks!
Doug

9 comments

Hi Doug,

Could you please provide the full ldap-config.properties file?


---
Maxim

0

Hi Maxim,
There's very little modified aside from site specific items, however here is our config file.

Thanks!
Doug



Attachment(s):
ldap-config.properties.zip
0

OK. I see.
I have an idea on what might be happening: the actual error is authentication error, but it is reported in this strange way.
Please try to set formatDN so that it transforms the $login$ into full DN.


---
Maxim

0

Hi Maxim,
We're getting further along now, but we're are seeing
due to authentication error. Cause: Invalid credentials  ([LDAP: error code 49 - Invalid Credentials])


Thanks!
Doug

0

Hi Doug,

Yes, that's what I meant - the problem is "Invalid Credentials". Provide you configuration and logs please.


---
Maxim

0

Maxim,
Here is the current ldap-config.properties file, and log output.

Thanks!
Doug



Attachment(s):
teamcity-ldap.log.zip
ldap-config.properties.zip
0

Hi Doug,

I don't see any obvious mistakes in the config. Please note that many LDAP servers require full DN as the username, so check that your full DN in LDAP is exactly "uid=ddobies,cn=cognosmanager,dc=cognos,dc=genscape,dc=meta"
Also consider tuning java.naming.security.authentication property (can be "none", "simple" and "strong").


---
Maxim

0

Maxim,
I've switched java.naming.security.authentication to none and that worked.

Thanks!
Doug

0

Do NOT change the setting mentioned above to "none". It will completely disable authentication checks and allow anyone to login into any user.

I know that this is old but I stumbled upon this with a Google search and wanted to warn others coming here.

0

Please sign in to leave a comment.