Menu
▾
▴
Re: [Exist-open] LDAP authentication
|
From: Craig B. <cra...@ma...> - 2023-07-21 19:07:04
|
> On Jul 19, 2023, at 8:21 AM, Jo Calder <Jo....@ha...> wrote: > > I am trying to get LDAP authentication to work against a Samba AD DC setup. Here's an anonymized version of my config.xml <snip> > Does anyone have this or similar setup working? > > Install details are: > eXist Version: 5.3.1 [but also relevant on later builds] eXist Build: 20211214004738 Operating System: Linux 3.10.0-1062.12.1.el7.x86_64 amd64 Java Version: 1.8.0_242 > > Any tips or hints are very welcome. Best regards, -- Jo > I've never tried LDAP with eXist, but if you haven't already done so be sure to verify LDAP is working independently of eXist and that the TLS situation is up to snuff (valid, unexpired cert, etc.). Start with something like: $ openssl s_client -showcerts samba-ad-dc.local.my-domain.com:636 <http://samba-ad-dc.local.my-domain.com:636/> There are also various ldapsearch commands, and Samba apparently has logging options that might tell you what the exact authentication error is. ________________________________________ Craig A. Berry "... getting out of a sonnet is much more difficult than getting in." Brad Leithauser |
