WebsiteJresearch Software Blog
Using LDAP with Flexess (Part 2)
Mar 10, 2009 by Stanislav Spiridonov
In this article we will discuss setuping up and managing a connection between Flexess and an LDAP.
To creating a new LDAP UMI Connection in Flexess Administrator you need to to the following:
- Click the Server Management tab and then create the UMI connection.
- Select jresearchsoft.flexess.ldap from the dropdown list.
You will see the following LDAP connection form:
. - Fill in the name of created connection with an optional description (1) and the name of the host and port where the LDAP Server is run (2). If you are not sure about the Base DN field, leave it empty.
- Set the Use anonymous connection (3) to "yes" or enter the full Distinguish Name (DN) and password (4) of the user whose account is to be used to connect to the LDAP server.
- The object class field (5) defines the object class of user records in LDAP. By default it is a person. The connector treats all objects with a given class as user records.
- The user id attribute (6) is the LDAP attribute that will be used as the user login name in Flexess.
- The search scope (7) field defines the scope of the search. The search always starts from the Base DN level and may be limited by only one level or set to perform searches in the whole sub-tree.
- The Attribute (8) and Mapping (9) settings are optional and are used for connection tuning. See Managing User Profile Attributes and Using Attribute Mapping for more information.
- Click on the select button after filling out the form.
The LDAP UMI connector saves the settings and tries to establish a connection. The connection and its status are displayed on the UMI Connections page (Server Management > UMI Connections).
The following table explains the possible statuses and extended information that they provide:
| Status | Extended information | Possible reason | Action |
| ERROR | Cannot connect to ldap://localhost:389 | The host name or port is not correct | Check the host and port settings |
| The LDAP server is not running | Check if the LDAP server is running and accessible from the Flexess computer. | ||
| ERROR | Cannot connect to ldap://fire.jresearch.org:10389 with base name o=r. The server reports the following base DN: dc=example,dc=com | Incorrect Base DN. | Use one base DN from provided list. |
| ERROR | Cannot connect to ldap://server.jresearch.org:10389. Check if the server accepts the connections from your IP | The LDAP server denied the connection from your network. The LDAP server logs may contain more information. | Contact the LDAP server administrator. |
| ERROR | Cannot connect to ldap://server.jresearch.org:10389. Wrong login or password: [LDAP: error code 48 - binds with a dn require a password] | LDAP Server does not allow the use of empty passwords to connect | Assign a password. |
| ERROR | Cannot connect to ldap://server.jresearch.org:10389. Wrong login or password: [LDAP: error code 32 - No Such Object] | There are not any users with the given user DN | Check the user's distinguish name. |
| ERROR | Cannot connect to ldap://server.jresearch.org:10389. Wrong login or password: [LDAP: error code 49 - Invalid Credentials] | Incorrect password | Check the user password |
| WARNING | Server does not support listing | LDAP Server does not support PRC 2696 or VLV | If the server supports another paging mechanism, you can submit a request for its support in future installations. |
| Selected user does not have rights to check paging controls | Check the user rights. |
To edit the configured UMI LDAP Connection you should select the name of the connection on the UMI Connections page.
Post a Comment:
Comments are closed for this entry.
