
LDAP Configuration

Posted: Wed Jun 17, 2009 3:16 pm
by dignan
I am trying to configure OpenKM to use the LDAP here, however it doesn't seem to be able to find the bind user (despite it being correct).

I receive the following error:

2009-06-17 11:15:31,608 DEBUG [org.jboss.security.auth.spi.LdapExtLoginModule] Bad password for username=dignan
javax.naming.AuthenticationException: [LDAP: error code 49 - SASL(-13): user not found: no user in database uid=openkm,cn=users,dc=sub,dc=domain,dc=tld]

This is my configuration part of login-config.xml:
Code:
<!-- OpenKM -->
 <application-policy name = "OpenKM">
  <authentication>
   <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required" >
    <module-option name="java.naming.provider.url">ldap://sub.domain.tld:389</module-option>
    <module-option name="bindDN">uid=openkm,cn=users,dc=sub,dc=domain,dc=tld</module-option>
    <module-option name="java.naming.security.authentication">CRAM-MD5</module-option>
    <module-option name="bindCredential">password</module-option>
    <module-option name="baseCtxDN">cn=users,dc=sub,dc=domain,dc=tld</module-option>
    <module-option name="baseFilter">(uid={0})</module-option>
    <module-option name="rolesCtxDN">cn=groups,dc=sub,dc=domain,dc=tld</module-option>
    <module-option name="roleFilter">(memberUid={0})</module-option>
    <module-option name="roleAttributeID">cn</module-option>
    <module-option name="roleRecursion">-1</module-option>
    <module-option name="defaultRole">UserRol</module-option>
    <module-option name="allowEmptyPasswords">False</module-option>
   </login-module>
  </authentication>
 </application-policy>

Re:LDAP Configuration

Posted: Fri Jun 19, 2009 6:03 am
by dignan
So I finally got this working.

This configuration works on a Mac OS 10.5.6 Open Directory Server:
Code:
<login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="sufficient" >
 <module-option name="java.naming.factory.initial">
  com.sun.jndi.ldap.LdapCtxFactory
 </module-option>
 <module-option name="java.naming.provider.url">
  ldap://sub.domain.tld:389/
 </module-option>
 <module-option name="java.naming.security.authentication">
  simple
 </module-option>
 <module-option name="bindDN">uid=openkm,cn=users,dc=sub,dc=domain,dc=tld</module-option>
 <module-option name="bindCredential">password</module-option>
 <module-option name="baseCtxDN">dc=sub,dc=domain,dc=tld</module-option>
 <module-option name="baseFilter">(uid={0})</module-option>
 <module-option name="rolesCtxDN">cn=groups,dc=sub,dc=domain,dc=tld</module-option>
 <module-option name="roleFilter">(memberUid={0})</module-option>
 <module-option name="roleAttributeIsDN">false</module-option>
 <module-option name="roleAttributeID">cn</module-option>
 <module-option name="roleRecursion">1</module-option>
 <module-option name="searchTimeLimit">5000</module-option>
 <module-option name="searchScope">SUBTREE_SCOPE</module-option>
 <module-option name="defaultRole">UserRol</module-option>
</login-module>
Hope that helps someone.
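
An added example (not part of the original post, and not OpenKM or JBoss code): a small Python check that reads an LdapExtLoginModule block like the one posted above and reports settings worth reviewing before production use, such as the simple bind over ldap:// on port 389, which carries the bind DN and passwords unencrypted. The function names and finding names are made up for this example, and the embedded XML is a constructed, shortened copy of the posted options.

```python
import xml.etree.ElementTree as ET

# Constructed sample: a shortened copy of the working login-module from the post above.
SAMPLE = """<login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="sufficient">
  <module-option name="java.naming.provider.url">
    ldap://sub.domain.tld:389/
  </module-option>
  <module-option name="java.naming.security.authentication">
    simple
  </module-option>
  <module-option name="bindDN">uid=openkm,cn=users,dc=sub,dc=domain,dc=tld</module-option>
  <module-option name="bindCredential">password</module-option>
  <module-option name="baseFilter">(uid={0})</module-option>
</login-module>"""

def module_options(xml_text):
    """Return one {option name: stripped value} dict per LDAP login-module."""
    root = ET.fromstring(xml_text)
    modules = [m for m in root.iter("login-module") if "Ldap" in m.get("code", "")]
    return [{o.get("name"): (o.text or "").strip() for o in m.iter("module-option")}
            for m in modules]

def audit(opts):
    """Return finding codes (hypothetical names) for one module's options."""
    findings = []
    urls = opts.get("java.naming.provider.url", "").split()  # may list several URLs
    auth = opts.get("java.naming.security.authentication", "simple").lower()
    tls = opts.get("java.naming.security.protocol", "").lower() == "ssl"
    # A simple bind sends DN and password as-is; over plain ldap:// they travel in clear.
    if auth == "simple" and not tls and any(u.lower().startswith("ldap://") for u in urls):
        findings.append("CLEARTEXT_SIMPLE_BIND")
    # Some directory servers accept an empty password as a successful anonymous bind,
    # so the option should be pinned to false rather than left to the module default.
    if opts.get("allowEmptyPasswords", "").lower() != "false":
        findings.append("ALLOW_EMPTY_PASSWORDS_NOT_FALSE")
    # The service account password is readable by anyone who can read login-config.xml.
    if opts.get("bindCredential"):
        findings.append("INLINE_BIND_CREDENTIAL")
    return findings

def audit_config(xml_text):
    """Audit every LDAP login-module in the given XML text."""
    return [audit(o) for o in module_options(xml_text)]

if __name__ == "__main__":
    for result in audit_config(SAMPLE):
        print(result)
```

Pointing the URL at ldaps:// (or setting java.naming.security.protocol to ssl) and adding allowEmptyPasswords set to false clears the first two findings, provided the directory server offers LDAPS.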

Re:LDAP Configuration

Posted: Sat Jun 20, 2009 4:47 pm
by jllort
Good job.

Now for total integration you need to create some class that implements PrincipalAdapter. That's needed for OpenKM to get the user and group list.

Re:LDAP Configuration

Posted: Thu Aug 13, 2009 9:00 am
by QStorm
Hello,
I've got a similar problem

Code:
[org.jboss.security.auth.spi.LdapExtLoginModule] Bad password for username=q-storm
javax.naming.NamingException: Can't follow referal for authentication: 

OpenKM is installed on a CentOS 5.3

Did anyone have that problem before??

Thanks
Q-Storm

Re:LDAP Configuration

Posted: Tue Aug 18, 2009 10:00 am
by QStorm
is fixed

Re: LDAP Configuration

Posted: Wed Sep 15, 2010 12:57 pm
by pawarnitin.scoe
Is there a need to write Java code for integration of LDAP with OpenKM?

Or do I just need to change the login-cfg and OpenKM.cfg files?

Re: LDAP Configuration

Posted: Thu Sep 16, 2010 5:19 pm
by jllort
Now it is not necessary to write a Java class; everything is done with configuration params.

Re: LDAP Configuration

Posted: Fri Sep 17, 2010 8:12 am
by pawarnitin.scoe
Thanks...
Could you please give me details about how I can configure OpenKM so that when I log in to LDAP, the same login automatically gets logged into OpenKM?
What is required to configure LDAP integration with OpenKM?
Please reply to me with details...

Re: LDAP Configuration

Posted: Fri Sep 17, 2010 8:15 am
by pawarnitin.scoe
Could you please give me details about how I can configure OpenKM so that when I log in to LDAP, the same login automatically gets logged into OpenKM?
What is required to configure LDAP integration with OpenKM?
Please reply to me with details for Windows XP.

Re: LDAP Configuration

Posted: Sat Sep 18, 2010 8:26 am
by jllort
In the installation guide it's well explained, but it's locked documentation (part of the OpenKM network), basically because we consider it to be only for more professional installations.

You can search the forum for LDAP; there is some well-explained material if you look for "LdapPrincipalAdapter".