Skip to main content
N
NSC_Gillis
Participant
August 6, 2009
Question

Active Directory/LDAP tie in

  • August 6, 2009
  • 2 replies
  • 3075 views

I have followed the scarce help manual and the postings here.

However while others have mentioned this issue, no one posts the fix.

The last person mentioned having a senior support person scheduled to call them to resolve.

Here is the setup:

RoboHelp Server 8 - installed on Win2k3, Running Tomcat/Apache.

AD server(s) are 2003. (Does not matter which server I querry)

Followed the instruction guide, and subbed in our settings:

#Specify the kind of authentication to be used
#authtype = ldap
DefAdminUid = domainadminaccount
DefAdminPwd =

#To use LDAP authentication , uncomment the following lines and specify ldap details of your organization
authtype = ldap
ldapURL = ldap://ldapserver:389
usersearch = CN=Users, DC=our, DC=domain, DC=org
rolesearchbase = DC=our, DC=domain, DC=org
useridkey = CN
rolename = CN
rolesearch = memberOf

2 issues arose:

1st - our users are not located only in the CN=Users container - for orgnaizational and security reasons.

The domain admin account is in that conatinaer though, and so if I kept the usersearch line as above - it worked (on Tuesday).

However, I could not get it to search subcontainers, so no other users would work.

Any ideas on subcontainer searching?

2nd - Today I come in and play with the settings (trying different options to get it to search subcontainers) - and now the above search will not work either.  This is a DomainAdmin account - so no account lockout is the issue.  i am getting the following error:

javax.naming.AuthenticationException:

[LDAP: error code 49 - 80090308:

LdapErr: DSID-0C090334, comment:

AcceptSecurityContext error, data 525, vece

From what i can see this is a "user not found error"

But the user is there.  And using MS LDAP tool, I can bind and querry using the above account.

Using JExplorer LDAP browser on the the RoboHelp Server produces the same error.

This error was also present with issue 1 above - not searchign subcontainers.

Stumped.

Any ideas on the above 2 issues?  I can change the setting back to db and admin (default) and login, but of course that does not provide help.

Thanks for any ideas.

Gillis

This topic has been closed for replies.

2 replies

P
Paul_at_GHG
Participant
April 19, 2010

Did you ever get a solution for this?  I have LDAP to AD working for RoboHelp Server but cannot get it to traverse sub-trees.

johndaigle
johndaigle
Legend
April 19, 2010

Hi, Paul

I will alert Adobe's engineering team and see if they can take a look at your post.

Thanks

John Daigle
Adobe Certified RoboHelp and Captivate Instructor
Evergreen, Colorado
www.showmethedemo.com

John DaigleAdobe Certified RoboHelp and Captivate InstructorNewport, Oregon
N
NSC_GillisAuthor
Participant
August 6, 2009

Update:

I got both LDAP Explorer2 and JExplorer to work attaching to LDAP/AD server using the following:

User DSN: CN=domainadminname,CN=Users,DC=our,DC=domain,DC=org

However - subbing that in the DefAdminUid field still results in the above error.

N
NSC_GillisAuthor
Participant
August 6, 2009

Fixed back to where I was on Tuesday:

#Specify the kind of authentication to be used
#authtype = ldap
DefAdminUid = domainadminaccount
DefAdminPwd =

#To use LDAP authentication , uncomment the following lines and specify ldap details of your organization
authtype = ldap
ldapURL = ldap://ldapserver:389
usersearchbase = CN=Users, DC=our, DC=domain, DC=org
rolesearchbase = DC=our, DC=domain, DC=org
useridkey = CN
rolename = CN
rolesearch = memberOf

However I need to change usersearchbase to be one level higher and get it to search subcontainers.

A setting like "usersearchscope" or some such setting.

It is eveidentally set to false or 0 or 1 - not 2 or true which is the setting that allows sub searches.

Looking thru all the js and xml files now...

V
Vancelo
Participant
July 4, 2011

What do you mean by

"It is eveidentally set to false or 0 or 1 - not 2 or true which is the setting that allows sub searches."

You changed RoboHelp Server or Tomcat configuration ?

Terms & ConditionsAccessibility statement
Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices