Unable to configure LDAP on Gluu

By: Altaf Syed user 30 May 2016 at 5:23 a.m. CDT

11 Responses
Altaf Syed gravatar
Hi, Please some one provide me Detail configuration steps for Configration LDAP on Gluu ,as i have trying since 4 days and we would like integrate GLUU with LDAP authentication ,i have follow the given Gluu Document Configuration , But still we unable to link LDAP with GLUU,Kindly help us to resolve this ASAP. Expecting Complete solution for LDAP implementation on GLUU Regards, Ali
U1404
closed

Answers

By Aliaksandr Samuseu staff 30 May 2016 at 6:23 a.m. CDT

Copy
Aliaksandr Samuseu gravatar
Hi, Altaf. It's not clear what your problem actually is. Is it about authentication against LDAP backend, about CR, or about some custom script? Please provide link to a guide you said you were trying to follow. Regards, Alex.

By Altaf Syed user 30 May 2016 at 6:34 a.m. CDT

Copy
Altaf Syed gravatar
Hi Aliaksandr, We are trying to map LDAP user in to Gluu server but we unable to authenticate , as we are providing a complete details as per the Document , Please suggest me for more details steps to configure LDAP on Gluu Regards, Ali Altaf

By Aliaksandr Samuseu staff 30 May 2016 at 6:58 a.m. CDT

Copy
Aliaksandr Samuseu gravatar
I take it it's about authentication against LDAP backend. You need to achieve 2 things: 1. Configure Cache Refresh to import users from your backend into Gluu 2. Configure LDAP authentication itself. Here is a first video in series of our official tutorials for CR/LDAP auth (others are accessible from context links): [link](https://www.youtube.com/watch?v=VnyCTUCRkic) And this is a step-by-step pdf guide on both CR and LDAP auth: [link](https://www.gluu.org/docs/cache-refresh/GluuCache-Refresh.pdf)

By Michael Schwartz Account Admin 30 May 2016 at 10:31 a.m. CDT

Copy
Michael Schwartz gravatar
Altaf, you have not provided even 10% of the information we need to help you. My guess is that you want to configure an LDAP client to use the Gluu OpenDJ server for authentication. Please provide the following information: 1. What client are you using? 2. What is the BindDN, BaseDN, host, port, and base DN that you are using for your client configuration? 3. LDAPS (tcp/1636) is not open by default on the Gluu Server. Can you even connect to it? 4. Have you imported the self-signed ldap cert into your client (or are you using trust-all)? 5. Have you checked the [OpenDJ 3.0 admin guide](https://backstage.forgerock.com/#!/docs/opendj/3)? We have almost no modifications to the base distribution. 6. Is there a reason you are not using 2.4.3? BTW, if I am wrong, and you are trying to configure cache refresh as Alex thinks, please attach screenshots with all screens so we can see how you are configuring it. Also, we'd need to see the oxtrust cache refresh log.

By Altaf Syed user 31 May 2016 at 4:44 a.m. CDT

Copy
Altaf Syed gravatar
Hi Mic, Yes your right we are trying configure New Setup of LDAP with New GLUU Server, But we still facing issue on the same kindly help me to resolve this , Please find below details as per your request. What client are you using? Linux LDAP, What is the BindDN, BaseDN, host, port, and base DN that you are using for your client configuration? BinDN:cn=admin BaseDN:dc=levadata,dc=com host:ldapserver.levadata.com Port:1636 base DN:o=site LDAPS (tcp/1636) is not open by default on the Gluu Server. Can you even connect to it? NO Have you imported the self-signed ldap cert into your client (or are you using trust-all)? NO Have you checked the OpenDJ 3.0 admin guide? We have almost no modifications to the base distribution. NO Is there a reason you are not using 2.4.3? any changed on 2.4.3 compare to 2.4.2 ?
Video or screenshot link

By Altaf Syed user 31 May 2016 at 5:39 a.m. CDT

Copy
Altaf Syed gravatar
Please find below link for logs
Video or screenshot link

By Altaf Syed user 31 May 2016 at 7:19 a.m. CDT

Copy
Altaf Syed gravatar
find Cache refresh logs
Video or screenshot link

By Mohib Zico Account Admin 31 May 2016 at 9:24 a.m. CDT

Copy
Mohib Zico gravatar
Altaf, >> 2016-05-31 12:11:04,775 ERROR [gluu.oxtrust.ldap.cache.service.CacheRefreshTimer] (pool-4-thread-5) Failed to connect to LDAP server using configuration ldapserver.levadata.com This is the reason of your failure. Please make sure your Gluu Server can talk to your backend server. Check hostname, port, bindDN, binDN password and baseDN.

By Michael Schwartz Account Admin 31 May 2016 at 9:25 a.m. CDT

Copy
Michael Schwartz gravatar
content must be public on community support.

By Aliaksandr Samuseu staff 31 May 2016 at 10:24 a.m. CDT

Copy
Aliaksandr Samuseu gravatar
Altaf, in addition to what Zico & Michael recommended - if you are using DNS names instead of ips in your configuration please also make sure your name resolution inside container works. By default there should be 8.8.8.8 server in `/etc/resolv.conf`, but it may be blocked by some firewall etc.

Post an answer