> I'm trying to get a JNDI Realm working as one might expect with Active
> Directory.
>
> Tomcat 5.5.20
> Java 1.5.06
> Windows 2000 Server
>
> The basic issue is that searching from a domain root "dc=company,dc=com" and
> using userSubtree="true" results in:
>
> Oct 31, 2006 3:18:20 PM org.apache.catalina.realm.JNDIRealm authenticate
> SEVERE: Exception performing authentication
> javax.naming.PartialResultException: Unprocessed Continuation Reference(s);
> remaining name 'dc=company,dc=com'
>
> If I use a more specific search base of "ou=Employees,dc=company,dc=com" and
> then the userSubtree is irrelevant, it works fine.
>
> Problem is our AD structure demands that users be in two different OU's and
> thus the search must be done from the root. I understand that AD does not
> handle referrals as expected and that could be contributing.
http://www.mail-archive.com/cas@tp.its.yale.edu/msg00797.html
In this case I suggest adjusting the local hosts file to fool DNS
(c:\windows\system32\drivers\etc\hosts). Find out the wrong DNS name in
the referral and point that name to your real AD.
-- Velpi
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
|