archiva-users mailing list archives

From "Chernikov, Pavel" <Pavel.Cherni...@siriusxm.com>
Subject Problem with setting up Active Directory authentication and groups
Date Fri, 14 Nov 2014 04:59:53 GMT
Hi. I'm trying to set up Archiva Active Directory authentication and group mapping.

Running into 2 problems -


1) I'm getting [[LDAP: error code 4 - Sizelimit Exceeded]] error - some kind of LDAP
paging limitation, and I'm only getting 1000 users back, and that's all I see under USERS
-> Manage. Does Archiva support LDAP paging? If not, any suggestions on how to proceed?


2) There aren't any groups under "LDAP Groups" in LDAP/Roles Mapping.

* I have LDAP User Manager under UserManager(s) chosen
* I have LDAP RBac Manager under RbacManager(s) chosen

Archiva.xml ldap section is as follows:

<ldap>
  <config>
    <groups>
      <member>member</member>
      <class>group</class>
    </groups>
    <max>
      <result>
        <count>2000</count>
      </result>
    </max>
    <mapper>
      <attribute>
        <fullname>cn</fullname>
        <user>
          <object>
            <class>user</class>
          </object>
          <id>sAMAccountName</id>
        </user>
        <email>mail</email>
        <password>unicodePwd</password>
      </attribute>
    </mapper>
    <user>
      <attribute>sAMAccountName</attribute>
    </user>
  </config>
  <bind>
    <authenticator>
      <allowEmptyPasswords>false</allowEmptyPasswords>
    </authenticator>
  </bind>
</ldap>


<ldapConfiguration>
  <ssl>false</ssl>
  <bindAuthenticatorEnabled>false</bindAuthenticatorEnabled>
  <writable>false</writable>
  <useRoleNameAsGroup>false</useRoleNameAsGroup>
  <hostName>XYZ</hostName>
  <port>389</port>
  <baseDn>OU=User Accounts</baseDn>

  <baseGroupsDn>dc=corp</baseGroupsDn>
  <contextFactory>com.sun.jndi.ldap.LdapCtxFactory</contextFactory>
  <bindDn>CN=XYZ </bindDn>
  <bindDn>OU=XYZ</bindDn>
  <bindDn>OU=XYZ</bindDn>
  <bindDn>DC=XYZ</bindDn>
  <password>XYZ</password>
  <authenticationMethod>simple</authenticationMethod>
  <bindDn>DC=XYZ</bindDn>
  <bindDn>DC=XYZ</bindDn>

  <baseGroupsDn>dc=XYZ</baseGroupsDn>
  <baseGroupsDn>dc=XYZ</baseGroupsDn>
  <baseDn>OU=XYZ</baseDn>
  <baseDn>DC=XYZ</baseDn>
  <baseDn>DC=XYZ</baseDn>
  <baseDn>DC=XYZ</baseDn>
</ldapConfiguration>

Any ideas / suggestions are appreciated.

Thanks,
-Pavel
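
Added example, not part of the original message and not Archiva or Active Directory code: a constructed in-memory model of the behaviour described above, where an unpaged search stops at a 1000-entry server cap with LDAP result code 4, next to the cookie loop of simple paged results (RFC 2696). `FakeDirectory`, `fetch_all` and the 2500 sample users are hypothetical; the cap of 1000 is the count reported in the message, and treating `<count>2000</count>` as a client-side size limit is an assumption.

```python
# Added example: constructed in-memory model, not Archiva or Active Directory code.
SIZE_LIMIT_EXCEEDED = 4  # LDAP result code quoted in the error message


class LdapError(Exception):
    def __init__(self, code, partial):
        super().__init__(f"LDAP: error code {code}")
        self.code, self.partial = code, partial


class FakeDirectory:
    """Hypothetical server holding `entries`, with a per-search cap `max_page_size`."""

    def __init__(self, entries, max_page_size=1000):
        self.entries, self.max_page_size = list(entries), max_page_size

    def search(self, size_limit=0):
        """Unpaged search: the server cap wins over the client's size_limit."""
        cap = min(size_limit or self.max_page_size, self.max_page_size)
        if len(self.entries) > cap:
            # The server hands back the first `cap` entries, then result code 4.
            raise LdapError(SIZE_LIMIT_EXCEEDED, self.entries[:cap])
        return self.entries

    def search_paged(self, page_size, cookie=None):
        """Paged search: returns (page, cookie); cookie is None on the last page.
        Real cookies are opaque bytes; an integer offset stands in for one here."""
        start = cookie or 0
        end = start + min(page_size, self.max_page_size)
        return self.entries[start:end], (end if end < len(self.entries) else None)


def fetch_all(directory, page_size):
    """Client loop: resend the search with the returned cookie until none comes back."""
    users, cookie = [], None
    while True:
        page, cookie = directory.search_paged(page_size, cookie)
        users.extend(page)
        if cookie is None:
            return users


def demo():
    directory = FakeDirectory(f"user{i:04d}" for i in range(2500))  # constructed data
    try:
        directory.search(size_limit=2000)  # assumed meaning of <count>2000</count>
        unpaged = None
    except LdapError as err:
        unpaged = (err.code, len(err.partial))
    return unpaged, len(fetch_all(directory, page_size=500))
```
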


