Author Topic: Re: Active Directory / LDAP integration  (Read 6906 times)

Shabby

  • EA Novice
  • *
  • Posts: 1
  • Karma: +0/-0
    • View Profile
Re: Active Directory / LDAP integration
« on: May 25, 2021, 10:10:00 pm »
Can anyone Help with this ,How can i connect my Keystore with active Directory ,i am getting the following error n logs
"2021-05-25 16:28:54 [WARNING [ACTIVEDIRECTORYGROUP_AM] WARN: No permitted ActiveDirectory group name provided in the AUTHMETHOD_OPTIONS configuration property.
2021-05-25 16:28:54 [WARNING]: WARN Unable to start AuthenticationManager as the specified AuthenticationModule could not be started"

Boron

  • EA User
  • **
  • Posts: 111
  • Karma: +6/-0
    • View Profile
Re: Active Directory / LDAP integration
« Reply #1 on: July 16, 2021, 05:01:46 pm »
Check in your keystore config file if you truly have no space characters in the line of AUTHMETHOD_OPTIONS
AUTHMETHOD=AM_ACTIVEDIRECTORY
AUTHMETHOD_OPTIONS=yourAdUserGroup


Or if you use AUTHMETHOD=AM_ACTIVEDIRECTORYEX:
Check in your *.adconfig file if you have no space characters in the "Name" line
GROUP
   # The common name of the Active Directory group
   Name=yourAdUserGroup
   ...


Maybe that helps.

Geert Bellekens

  • EA Guru
  • *****
  • Posts: 11300
  • Karma: +421/-33
  • Make EA work for YOU!
    • View Profile
    • Enterprise Architect Consultant and Value Added Reseller
Re: Active Directory / LDAP integration
« Reply #2 on: July 16, 2021, 05:22:15 pm »
What happens if the AD group name has a space?
Is that not supported?

Geert

Boron

  • EA User
  • **
  • Posts: 111
  • Karma: +6/-0
    • View Profile
Re: Active Directory / LDAP integration
« Reply #3 on: July 16, 2021, 10:12:48 pm »
Oops, I forgot to mention that there shall be no space before or after the "=" character.
Good: AUTHMETHOD_OPTIONS=yourAdUserGroup
Bad: AUTHMETHOD_OPTIONS = yourAdUserGroup

I have no clue what happens if the AD group name itself contains spaces. I am not an "AD guy". Somehow I would expect that AD groups with spaces in its name are impossible on AD server side.
But if this is possible I would have tried: AUTHMETHOD_OPTIONS="your Ad User Group".

Geert Bellekens

  • EA Guru
  • *****
  • Posts: 11300
  • Karma: +421/-33
  • Make EA work for YOU!
    • View Profile
    • Enterprise Architect Consultant and Value Added Reseller
Re: Active Directory / LDAP integration
« Reply #4 on: July 16, 2021, 10:17:30 pm »
AD definitely allows spaces in group names (they can't start with a space though)

Geert