JNDI Realm Configuration Review please

Effin_Ell asked on
My Tomcat web application logs are telling me the user1 isn't in the specified mapped LDAP role/group coming from AD. I believe my issues lie with the JNDI Realm definition. Can someone review it please and see where I may be going wrong? I've included the DN information from AD as well:

My user1 account DN is

DistinguishedName : CN=user1,OU=Users,OU=Lab,DC=example,DC=com

The role/group Users I have specified in the web.xml config is

DistinguishedName : CN=Users,CN=Builtin,DC=example,DC=com

My Realm configuration is

<Realm
   className="org.apache.catalina.realm.JNDIRealm"
   debug="99"
   connectionURL="ldap://example.com:389"
   authentication="simple"
   referrals="follow"
   connectionName="cn=administrator,cn=users,dc=example,dc=com"
   connectionPassword="##########"
   userSearch="(sAMAccountName={0})"
   userBase="cn=users,dc=example,dc=com"
   userSubtree="true"
   userRoleName="memberOf"
   roleSearch="(member={0})"
   roleName="cn"
   roleSubtree="true"
   roleBase="cn=users,cn=builtin,dc=example,dc=com"/>
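An added example, not part of the original question or its answer: a small check of whether the two DNs quoted above fall inside the search scope defined by the realm's `userBase`/`userSubtree` and `roleBase`/`roleSubtree` attributes. It uses the JDK's `javax.naming.ldap.LdapName`; the class name `RealmScopeCheck` and the helper `inScope` are hypothetical names chosen for this illustration.

```java
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;

public class RealmScopeCheck {

    /**
     * True if an LDAP search rooted at baseDn would consider entryDn:
     * subtree scope covers the base entry and everything beneath it,
     * one-level scope covers only the base's immediate children.
     */
    static boolean inScope(String entryDn, String baseDn, boolean subtree)
            throws InvalidNameException {
        LdapName entry = new LdapName(entryDn);
        LdapName base = new LdapName(baseDn);
        // LdapName indexes RDNs right to left, so startsWith() tests the
        // DN suffix; RDN comparison ignores attribute-type and value case.
        if (!entry.startsWith(base)) {
            return false;
        }
        return subtree || entry.size() == base.size() + 1;
    }

    public static void main(String[] args) throws InvalidNameException {
        // DNs and realm attribute values copied from the question.
        String userDn = "CN=user1,OU=Users,OU=Lab,DC=example,DC=com";
        String groupDn = "CN=Users,CN=Builtin,DC=example,DC=com";
        String userBase = "cn=users,dc=example,dc=com";
        String roleBase = "cn=users,cn=builtin,dc=example,dc=com";

        // userSubtree="true" and roleSubtree="true" in the realm definition.
        System.out.println("user1 within userBase scope: "
                + inScope(userDn, userBase, true));
        System.out.println("Users group within roleBase scope: "
                + inScope(groupDn, roleBase, true));
        // Same role check with one-level scope, for comparison.
        System.out.println("Users group within roleBase, one-level: "
                + inScope(groupDn, roleBase, false));
    }
}
```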
ASKER CERTIFIED SOLUTION
Effin_Ell
