Effin_Ell
 asked on

JNDI Realm Configuration Review please

My Tomcat web application logs are telling me the user1 isn't in the specified mapped LDAP role/group coming from AD. I believe my issues lie with the JNDI Realm definition. Can someone review it please and see where I may be going wrong? I've included the DN information from AD as well:

My user1 account DN is

DistinguishedName : CN=user1,OU=Users,OU=Lab,DC=example,DC=com



The role/group Users I have specified in the web.xml config is

DistinguishedName : CN=Users,CN=Builtin,DC=example,DC=com



My Realm configuration is

<Realm
   className="org.apache.catalina.realm.JNDIRealm"
   debug="99"
   connectionURL="ldap://example.com:389"
   authentication="simple"
   referrals="follow"
   connectionName="cn=administrator,cn=users,dc=example,dc=com"
   connectionPassword="##########"
   userSearch="(sAMAccountName={0})"
   userBase="cn=users,dc=example,dc=com"
   userSubtree="true"
   userRoleName="memberOf"
   roleSearch="(member={0})"
   roleName="cn"
   roleSubtree="true"
   roleBase="cn=users,cn=builtin,dc=example,dc=com"/>


Web Development, LDAP, Web Applications, Active Directory, Linux OS Dev
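An added example, not part of the original post and not Tomcat code: a static check of the posted Realm element against the two DNs given in the question, reporting whether each DN falls inside its configured search base and whether the service bind is exposed. The function names and finding codes are hypothetical, and the embedded Realm is an abridged, constructed copy of the one in the question.

```python
import re
import xml.etree.ElementTree as ET

# Constructed input: abridged copy of the Realm element and the DNs from the question.
REALM_XML = '''<Realm className="org.apache.catalina.realm.JNDIRealm"
   connectionURL="ldap://example.com:389" authentication="simple"
   connectionName="cn=administrator,cn=users,dc=example,dc=com"
   userSearch="(sAMAccountName={0})" userBase="cn=users,dc=example,dc=com"
   userSubtree="true" roleSearch="(member={0})" roleName="cn"
   roleSubtree="true" roleBase="cn=users,cn=builtin,dc=example,dc=com"/>'''
USER_DN = "CN=user1,OU=Users,OU=Lab,DC=example,DC=com"
GROUP_DN = "CN=Users,CN=Builtin,DC=example,DC=com"

def parse_dn(dn):
    """Split a DN into case-normalized (attribute, value) RDN pairs."""
    rdns = re.split(r"(?<!\\),", dn)  # do not split on escaped commas
    return [tuple(p.strip().lower() for p in rdn.split("=", 1)) for rdn in rdns]

def in_scope(entry_dn, base_dn, subtree):
    """True if an LDAP search rooted at base_dn can return entry_dn."""
    entry, base = parse_dn(entry_dn), parse_dn(base_dn)
    if len(entry) < len(base) or entry[len(entry) - len(base):] != base:
        return False
    depth = len(entry) - len(base)
    return subtree or depth == 1  # one-level scope reaches direct children only

def review(realm_xml, user_dn, group_dn):
    """Return hypothetical finding codes for one JNDIRealm element."""
    r = ET.fromstring(realm_xml).attrib
    findings = []
    if not in_scope(user_dn, r["userBase"], r.get("userSubtree") == "true"):
        findings.append("USER_OUTSIDE_USERBASE")
    if not in_scope(group_dn, r["roleBase"], r.get("roleSubtree") == "true"):
        findings.append("GROUP_OUTSIDE_ROLEBASE")
    # A simple bind over ldap:// without StartTLS sends the password unencrypted.
    if r["connectionURL"].lower().startswith("ldap://") and r.get("useStartTls") != "true":
        findings.append("CLEARTEXT_BIND")
    # A read-only service account is enough for realm lookups (least privilege).
    name = r.get("connectionName")
    if name and parse_dn(name)[0][1] == "administrator":
        findings.append("PRIVILEGED_BIND_ACCOUNT")
    return findings

if __name__ == "__main__":
    print(review(REALM_XML, USER_DN, GROUP_DN))
```

`useStartTls` is the JNDIRealm attribute that enables StartTLS; an `ldaps://` connection URL also clears the cleartext finding.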

Last Comment
Effin_Ell

8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
Effin_Ell
