Details
Bug
Resolution: Unresolved
Minor
Description
From: <grouper-users-request@internet2.edu> on behalf of Darren Boss <darren.boss@computecanada.ca>
Date: Thursday, October 18, 2018 at 9:24 AM
To: "grouper-users@internet2.edu" <grouper-users@internet2.edu>
Subject: [grouper-users] LDAP subject configuration issues
Just a note about how confused I was in setting up ldap as a subject source in Grouper 2.4 when following instructions in the base configuration files.
In grouper-loader.properties

#################################
## LDAP connections
#################################

# specify the ldap connection with user, pass, url
# the string after "ldap." is the ID of the connection, and it should not have
# spaces or other special chars in it. In this case is it "personLdap"

#note the URL should start with ldap: or ldaps: if it is SSL.
#It should contain the server and port (optional if not default), and baseDn,
#e.g. ldaps://ldapserver.school.edu:636/dc=school,dc=edu

and in subject.base.properties

# base dn to search in
#subjectApi.source.example.search.searchSubject.param.base.value = ou=people,dc=example,dc=edu
I'm doing overlay config so copying into the non .base. property files. Am I wrong in thinking this misleads people into misconfiguration of their LDAP subject source? Should I be setting up my ldap configuration in another way?
Removing the base dn from the ldap url but keeping it in the subject.properties fixed my issue, but it took me almost a full day to figure this out, and while the logs were telling me the subject wasn't being found ([LDAP: error code 32 - No Such Object]), I felt like I was following the correct setup instructions.
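The combination reported above can be checked for before deployment. The following is an added example, not part of the email or of Grouper: a small Python check that flags an overlay where the LDAP connection URL carries a base DN while a subject source also sets a search base. The key pattern `ldap.<id>.url` is an assumption drawn from the quoted comment, the sample property values are constructed, and the check does not try to match a subject source to a particular connection.

```python
import re
from urllib.parse import urlsplit, unquote

# Key patterns. The subject-source key is quoted in the email; "ldap.<id>.url"
# is an assumption based on the quoted comment about the connection ID.
URL_KEY = re.compile(r"^ldap\.([^.]+)\.url$")
BASE_KEY = re.compile(
    r"^subjectApi\.source\.([^.]+)\.search\.([^.]+)\.param\.base\.value$")

def parse_properties(text):
    """Minimal .properties reader: 'key = value' lines, comments skipped."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":
            continue
        key, sep, value = line.partition("=")
        if sep:
            props[key.strip()] = value.strip()
    return props

def url_base_dn(url):
    """Return the DN in the path of an ldap:// or ldaps:// URL ('' if none)."""
    parts = urlsplit(url)
    if parts.scheme not in ("ldap", "ldaps"):
        raise ValueError("not an LDAP URL: " + url)
    return unquote(parts.path.lstrip("/"))

def find_double_base(loader_text, subject_text):
    """List (connection, url_dn, source, search, base) where both set a DN."""
    loader, subject = parse_properties(loader_text), parse_properties(subject_text)
    findings = []
    for key, url in loader.items():
        m = URL_KEY.match(key)
        dn = url_base_dn(url) if m else ""
        if not dn:
            continue
        for skey, base in subject.items():
            s = BASE_KEY.match(skey)
            if s and base:
                findings.append((m.group(1), dn, s.group(1), s.group(2), base))
    return findings

# Constructed sample input modelled on the values quoted in the email.
LOADER = "ldap.personLdap.url = ldaps://ldapserver.school.edu:636/dc=school,dc=edu\n"
SUBJECT = ("# base dn to search in\n"
           "subjectApi.source.example.search.searchSubject.param.base.value"
           " = ou=people,dc=school,dc=edu\n")

if __name__ == "__main__":
    for f in find_double_base(LOADER, SUBJECT):
        print("base DN set twice: connection %s (%s), source %s/%s (%s)" % f)
```

An empty result means the base DN is set in at most one of the two files, which is the arrangement the email reports as working.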